July 16, 2021
The ISA Global Cybersecurity Alliance (ISAGCA) and the Incident Command System for Industrial Control Systems (ICS4ICS) recently announced the release of a cybersecurity first responder credentialing program.
The ISA Global Cybersecurity Alliance has joined forces with the Cybersecurity and Infrastructure Security Agency (CISA) and cybersecurity response teams from more than 50 participating companies to adopt FEMA’s Incident Command System framework for response structure, roles, and interoperability. This is the system used by First Responders globally when responding to hurricanes, floods, earthquakes, industrial accidents, and other high impact situations.
Incident Command Systems have been tested over more than 30 years of emergency and non-emergency applications, throughout all levels of government and within the private sector.
The ICS4ICS approach guides companies, organizations, and municipalities in identifying an incident, assessing damage, addressing immediate challenges, communicating with the right agencies and stakeholders, and resuming day to day operations. The framework applies traditional Incident Command Systems best practices to cybersecurity incidents, ensuring common terminology and enabling diverse incident management and support entities to work together. ICS4ICS provides clearly defined command structures, including standard roles needed in a response, and the framework can scale to support small or extremely large-scale incidents that impact many organizations.
“For many years, we’ve needed ICS4ICS, to enable collectively organized cyber and physical responses in a unified way. Credentialing cybersecurity first responders is an important milestone in this valuable public-private partnership,” said ISAGCA Advisory Board chairperson and ICS4ICS leader Megan Samford, VP and Chief Product Security Officer of Schneider Electric’s energy management business. “We’ve developed an adjudication process and certified our first four responders. I’m proud to be one of them and stand ready to help companies recover from cyber incidents.”
The adjudication process, managed by a formal committee within ICS4ICS, consists of an application process and panel of incident command system (ICS) subject matter experts who evaluate the candidate’s submittal. The inaugural round of credentialing recognizes these cybersecurity experts:
- – Mark Bristow, Branch Chief of Cyber Defense Coordination at CISA, whose 15-year career with US government cybersecurity agencies includes responses to incidents ranging from Ukraine cyberattacks to attempts by Russian government hackers to intrude on energy equities
- – Neal Gay, Senior Manager of Managed Defense/Industrial Control Systems at FireEye
- – Megan Samford, ISAGCA Chairperson; VP and Chief Product Security Officer of Schneider Electric’s energy management business
- – Brian Wisniewski, US Army Reserve
Interested companies and organizations can engage with ICS4ICS to learn how they can participate in this multilateral preparedness scheme for responding to cyber incidents. There are no membership requirements to participate, and we are seeking broad engagement from both the private and public sectors. The proven approach is vetted by industry companies and subject matter experts and the program has significant value for small to medium sized entities that do not have the time, finances, or personnel to assign a full-time cyber response unit, but still need to develop plans and train employees accordingly.
ISAGCA recently released a blog article on ICS4ICS entitled, “Addressing the Downstream Effect of a Cyber Attack,” as well as the webinar, “ICS4ICS Stands Up ICS Incident Response System 2021,” featuring Neal Gay.