ICSJWG: Cyber Exercises a Key

Wednesday, October 17, 2012 @ 08:10 AM gHale

By Gregory Hale
Cyber incidents are going to keep happening, and not only should companies have a security plan, they should also conduct ongoing training exercises to stay on top of their game.

“In the cyber world, it seems like we are always behind the curve,” said Bridgette Walsh, deputy director of the Department of Homeland Security National Cyber Security Division, Cyber Security Exercise Program during her session Tuesday at the Industrial Control Systems Joint Working Group (ICSJWG) meeting in Denver, CO. “As soon as we figure out one thing, something else comes out.”

ICSJWG: Knowledge Sharing
ICSJWG: Researchers on Same Team
Firewall Costs; Hidden Costs
ICS, SCADA Myth: Protection by Firewalls

“Cyber exercises are a proven tool,” Walsh said. “It is not a question of if, but when – you need to practice what you fight.”

“We know there are more incidents every day,” Walsh said. The potential of an increase in incidents brings on communications challenges users have to learn to overcome. That is where cyber exercises become vital aspect in bridging the gap.

Working with the IT department remains a key cog in the cyber environment.

“Good IT is a given, but it is only one piece,” Walsh said. “If they could control the environment the way they wanted to, we would all be a lot safer,” she said. But locking down the system is just not feasible, so practicing on the security plan and showing how the procedures can actually work is the next best thing.

Cyber exercises not only gets folks prepared for what they may face, it also allows them to figure out what works and what does not in a non hostile setting.

“It is an opportunity to hone in on processes so people know what they are doing,” Walsh said. “It gives you the venue to test new procedures in a safe environment.”

Because of the dynamic security environment, cyber exercises need to be ongoing.

“Threats are constantly evolving and that means your process should, too,” Walsh said.

Walsh talked about four trends she sees shaping up from her perspective:
• Cyber information sharing
• Command and control
• Internal/external communications
• Cyber training and education

One of the biggest challenges organizations face is the lack of user awareness and cyber education. There is also infrequent and a lack of up to date materials.

“Users, no matter how high they are in the organization, can be the biggest problem.”

In an environment where work is never ending and the time for training is short, Walsh said that is no excuse.

“You need to build in a culture of exercise,” she said. “You need to build it into your plans, your procedures.”

Leave a Reply

You must be logged in to post a comment.