The International Society of Automation (ISA) is challenging a report from the Pell Center for International Relations and Public Policy that suggests the need for a unified national strategy to address workforce development needs presented by threats of cyber-attacks.
ISA applauded the Pell Center for drawing greater attention to this challenge, but ISA President Peggie Koon emphasized in a letter to the center that a strategy is being implemented to prepare employees responsible for protecting against cyber threats.
According to ISA, the Framework for Improving Critical Infrastructure Cybersecurity, published in 2014 by the US National Institute of Standards and Technology, sets out guidelines for owners and operators involved in the critical and industrial infrastructure to identify, assess and manage cyber risk.
Koon says the framework contains standards on industrial automation and control systems security that ISA is developing as an international effort that involves experts from more than 200 companies and organizations representing energy, water and wastewater, food and beverage processing, chemicals, petroleum refining and other vital industry sectors.
Though the center’s report points out technology for combating cyber-attacks is only as good as those who develop and use it, Koon says the expertise required for protecting the critical infrastructure and industrial base extends beyond the tools and technology of cybersecurity.
“(Employees) require an understanding of the engineering interactions of complex automation and control systems—in which cyber vulnerabilities exploited in sectors such as energy production and distribution, water treatment, refining and chemicals can disrupt and damage multiple sectors, can have potentially severe consequences for public health and welfare, and on a vast and interconnected economy,” Koon says.
“ISA’s leadership in industrial cybersecurity extends well beyond the standard,” says Patrick Gouhin, ISA executive director and CEO. “This has led to programs for the training, certification and continuing education of those who must understand the complexities and interactions of advanced automation and control systems while protecting critical infrastructure and the industrial base.”
These programs include: professional certification and certificate programs, competency-based workforce development, training classes, publications and conferences.
More information on the cybersecurity resources can be found here.