Automation Federation will work with the White House and other US government agencies to create the Cybersecurity Framework outlined in President Barack Obama’s cybersecurity executive order. The framework will include “standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks,” and will “help owners and operators of critical infrastructure identify, assess, and manage cyber risk.”
Automation Federation advocates the continued development and application of industry consensus standards to protect critical industry infrastructure. Specifically, the group wants to include the American National Standards developed by ISA99, Industrial Automation and Control Systems Security, a multi-industry initiative of the International Society of Automation (ISA).
Developed by international cybersecurity experts from industry, government and academia, ISA99 standards are designed to apply to all key industry sectors and critical infrastructure. Automation Federation says it’s important for standards to be applicable across industries given the interconnectedness of today’s advanced computer and control networks. Vulnerabilities exploited in one sector can have a damaging impact across multiple sectors. ISA99 standards will be adopted by the International Electrotechnical Commission, demonstrating their global compatibility.
Automation Federation also supports the ISA Security Compliance Institute (ISCI) compliance and testing program, designed to ensure industrial automation and control devices work to industry consensus standards.
The federal government’s focus on the cybersecurity issue reflects concerns over a rapidly growing threat to the nation’s critical infrastructure. In 2012, the US Department of Homeland Security reported nearly 200 attacks on national infrastructure, a 52 percent increase from the prior year.
Michael Daniel, special assistant to the President and White House Cybersecurity coordinator, says standards development, information sharing and privacy are the three pillars of President Obama’s executive order. White House national security staff has encouraged the continued participation of Automation Federation in implementing the executive order and establishing comprehensive federal cybersecurity legislation.
Read the executive order here.