Last week the Idaho National Laboratory (INL) and the Department of Homeland Security (DHS) announced the successful completion of the 100th iteration of the Industrial Control Systems Cybersecurity training on defending systems used across the critical infrastructure sectors. Since April 2007, over 4,000 cybersecurity professionals have participated in the advanced course. These professionals represent all 50 states, the international cyber community and all 16 of the nation’s critical infrastructures. The training is conducted in Idaho Falls, Idaho, and is hosted by the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). Lane Thames, Software Development Engineer and Security Researcher at Tripwire commented below.
Lane Thames, Software Development Engineer and Security Researcher at Tripwire:
“The INL has major brain power backing up their research in industrial systems and industrial cybersecurity, especially within the realm of power grids and smart grids. The INL and DHS training partnership is a good thing for the community at large for spreading awareness of cybersecurity challenges we face in critical infrastructure.
I’m sure this program has made a difference. With 4,000 people completing this single training course, we can bet that the training has made good advancements at increasing awareness of critical infrastructure security issues. Also, the partnership provides materials online for free virtual training. Thus, it is highly likely that the partnership has made a significant impact on awareness in this area.
The topics and materials are exactly what I’d expect from this type of training. It is aligned with other materials and training you might find elsewhere in terms of books, coursework, conference training, etc.
However, at least one thing definitely sets the INL-DHS training apart and that is the ability to get hands on experience with real industrial control systems.
Also, the hands-on, real-time Blue Team versus Red Team exercise provides a great training experience.
In the near future, however, we in the cybersecurity community are going to need to start introducing more advanced concepts such as how the Cloud, the Industrial Internet, and the Internet of Things will impact the security of our industrial environments. These technological advancements might not impact certain portions of our critical infrastructure for many years to come. However, it eventually will, especially as more greenfield critical infrastructure systems come online and as older systems are retrofitted and/or upgraded over time.
Newer industrial control systems will, indeed, have connections to the cloud for applications such as Big Data Analytics and such. For example, predictive maintenance, which is key for advanced smart manufacturing, requires such technology. These cloud-based applications will also come with communication techniques/paradigms that essentially break, as a minimum, our current standard views and best practices of security in terms of perimeters and segmentation. This is already true in the IT world. It will be true for the near future ICS world. We have lots of research and development to do in terms of taking advantage of these advanced technologies alongside of maintaining high levels of security.”