The National Institute of Standards and Technology (NIST) issued its second revision to its Guide to Industrial Control Systems (ICS) Security, a major source of guidance for critical infrastructure sectors which own and operate computer controlled industrial equipment.
Many of the changes are driven by the internet connectivity of ICS machines and devices, or “Internet of Things”, which has caused once siloed environments to become susceptible to a plethora of new vulnerabilities.
One significant revision to its guidance is an ICS overlay of security controls outlined in NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations.
“NIST has once again created a set of guidelines that if implemented will dramatically improve the security posture of compliant organizations. It is my hope that critical infrastructure sector leaders leverage this document immediately to defend themselves against the onslaught of attacks we are facing as a Nation.” said Parham Eftekhari, a Sr. Fellow at ICIT.
To support this publication and ICS security in critical infrastructure sectors, ICIT is announcing a series of legislative meetings, briefs and an agency/legislative event focused on ICS Security. If your organization is an expert in this field please contact firstname.lastname@example.org for more information.