Wait, and Uncle Sam will do it for you...

While many industrial sectors dither about protection of critical infrastructure, the Federal Government is busy setting forth standards for those sectors to meet. Currently these standards are voluntary, but insiders continue to say that if voluntary compliance is not forthcoming, the standard means of governmental coersion will be used to force compliance. You can read the web-page on these standards here. Note that some of them are restricted on a need-to-know basis, which, as a journalist, I do not have by definition. The problem, of course, is that very few people that the DHS has working on these plans have direct experience in automation systems. Marty Edwards, of INEL, is a shining exception, as are a couple of others. But mostly, DHS' experience in working on plant level security is lacking. So if you are an end user in a critical infrastructure industry, why don't you do something about this? Get your plans into shape before your friendly Uncle Samuel tells you how to do your job.

What are your comments?

You cannot post comments until you have logged in. Login Here.

Comments

  • I'm not sure that it is proper to call these documents "standards." They are actually sector specific plans that describe what each industry sector intends to do with respect to cyber security, including automation systems where applicable.

    I believe that in many (most?) cases these plans were developed by representatives of the sector in question, and submitted to DHS.

    I do agree that the government (i.e., DHS) will continue to get more specific about what they expect or require in this rea from the private sector. Get educated and involved now, or wait for the results. That's the choice.

    Reply

RSS feed for comments on this page | RSS feed for all comments