Real DATA on Industrial Control Security from RISI #RISI #cybersecurity #ICS #control

Once again, RISI, the Repository for Industrial Security Incidents, has released their annual report. RISI is part of Security Incident Organization ( which is the only NGO (non-governmental organization) tracking incidents in industrial control security.

Why is this important (and why did I agree to serve on the RISI Advisory Board)? Have you ever tried to get incident data out of ICS Cert, or Idaho National Labs or DHS or the FBI? You have to have jumped through all the right hoops, have clearance, and hope they are feeling good today. RISI, part of the not-for-profit Security Incidents Organization, doesn't do that. Supporting this NGO is a good thing. Send them incident reports. Buy their report documents.


Security Incidents Organization Releases Annual Report on Industrial Control System Malware Incidents

Stuxnet isn't the only malware in the industrial controls environment that disrupts infrastructure security

Sellersville PA, March 2, 2011 The Security Incidents Organization released today its 2011 edition of the Repository of Industrial Security Incidents (RISI) annual "Report on Cyber Security Incidents and Trends Affecting Industrial Control Systems Resulting from Malware Infections."

John Cusimano, executive director of the Security Incidents Organization (SIO) said, "This report shows the details of the continuing threats to manufacturing and infrastructure security around the world. As the Stuxnet malware showed in 2010, the threat continues and has become even more complicated and mature."

The report documents 60 incidents that have taken place between 1999 and 2010 that involved lost time, destruction of property and even fatalities. "Real stuff has happened," said Walt Boyes, RISI advisory board member and Fellow of the International Society of Automation, "This is not Y2K. When you have a continuing series of incidents that have produced deaths and injuries, it is time to pay attention on a corporate management level."

"Every new worm, virus or hack is an evolution on one from the day before," said Eric Byres, internationally known security expert and Chief Technology Officer of Byres Security Inc. "The bad guys learn from their successes and mistakes so they can build scarier, more effective attacks. As ICS professionals we have to learn as well, or we will be left far behind. We need to study what has gone wrong in the past so we don't repeat that mistake again in the future. The RISI reports are designed to help us do that."

The report is available from the Security Incidents Organization at or by calling + 1 (267) 354-0399. Information on how to report an incident is also available there.

Please click here for the accompanying material, including an executive summary and brochure.  

A web-based press conference is scheduled for Friday, March 4, 2011 at 10:00am EST (GMT-5) to discuss the significance of the RISI report and the continuing malware threat to industrial control systems and the world's industrial infrastructure.  You may register for the conference at   Please contact or +1 (267) 354-0399 with any questions regarding registration or to schedule an interview with SIO director John Cusimano.