Security in the industrial space is sure gaining traction lately. The European Union Agency for Network and Information Security (ENISA) just published a "Good practice guide for CERTs in the area of Industrial Control Systems" for those needing to provide ICS computer emergency response capabilities (ICS-CERC).
ENISA concentrates on achieving a high level of network and information security within the European Union. Working as a European agency, its goal is to help prevent security problems by drawing on its body of expertise in the technical and scientific aspects of security. It also works in the area of developing security-based legislation.
ENISA provided a baseline guide in the past that used four categories of capabilities:
- Service portfolio
- Operations relative to ICS-CERC
- Cooperation with other ICS stakeholders
The updated guide maintains the same categories, but expands the information. From initial focus, through training, further education, hosting, and ongoing cooperation, the guide explains, recommends, and, wherever possible, gives concrete examples. It also stresses those factors that are different in industrial security systems when compared with typical IT needs.
The guide not only discusses what should be put into place, but also briefly delves into maintenance, continued development, and improvement of the plan, once in place.
The expectation is that ENISA will continue to update the guide, and that it will remain a dynamic effort.
The 43-page document is available as a free download.
Earlier in 2013, ENISA summarized 120 reports dating from 2011 and 2012 in the "ENISA Threat Landscape Report" to provide an independent overview of observed threats and emerging threats. It identified a top 10 list in emerging technology areas including mobile computing, social media/technology, critical infrastructure, trust infrastructures, cloud, and big data. The top 10 threats are:
- Drive-by exploits (malicious code injected to exploit web browser vulnerabilities)
- Code injection attacks
- Exploit kits (ready-to-use software packages to automate cybercrime)
- Botnets (hijacked computers that are remotely controlled)
- (Distributed) denial-of-service attacks (DDoS/DoS)
- Phishing (fraudulent emails and websites)
- Compromising confidential information (data breaches)
A wealth of information on security, including material targeting the industrial space, is accessible at ENISA's website.