Patrick Coyle wrote a blog on his Chemical Facility Security Blog on the House Homeland Security Committee hearing highlighting testimony of people opposed to the President’s cyber security plan. The attendees were:
- Ms. Melissa Hathaway, President, Hathaway Global Strategies LLC;
- Dr. Greg Shannon, Chief Scientist for Computer Emergency Readiness Team, Software Engineering Institute, Carnegie Mellon University;
- Mr. Leigh Williams, BITS President, The Financial Services Roundtable; and
- Mr. Larry Clinton, President, Internet Security Alliance
Patrick stated the following: "While the written testimonies of Ms Hathaway (politically influential) and Dr. Shannon (technically influential) are significant, the one that most people in the chemical and control systems communities should pay attention to is that of the Internet Security Alliance President, Mr. Clinton. I recommend that anyone with management responsibility for control system security should read Clinton’s testimony."
Consequently, I called Larry Clinton. There were two major eyeopeners in the conversation:
- There are no industrial control system vendors or end users who are members of the Internet Security Alliance
- Larry did not understand the unique issues associated with ICSs
This is another case of why it is important for the ICS community to speak for itself.