A word for the next administration…

Recommendation for next administration I have mentioned the Blue Ribbon Committee drafting recommendations for the next president on cyber security. I have been asked to draft a paper for the Committee on what the next administration should think about when it comes to industrial control systems. The paper will address what is different about control systems, identify specific control system cyber security issues based on actual cyber security incidents, and provide address whether there should be regulation or incentives for cyber security. I think it has been pretty obvious that incentives alone don’t work. There is no doubt that regulation will be required as can be seen with Congress drafting legislation to give FERC additional emergency powers and the Nuclear Regulatory Commission (NRC) developing a Regulatory Guide for cyber. Hopefully, all industries will get the message cyber is important and must be adequately addressed for business and national security reasons and not treat it as a paper exercise like the NERC CIPS. If possible, I will try to have a draft available at the August ACS Conference. Joe Weiss