TMCnet News
Pell Center report on cybersecurity workforce draws ISA response [InTech](InTech Via Acquire Media NewsEdge) ISA has responded to a widely circulated report from the Pell Center for International Relations and Public Policy that calls for a unified national strategy to address the serious workforce development needs faced in confronting the multidimensional threats of cyberattacks. Although commending the Pell Center for bringing attention to this critical problem, the letter from 2014 ISA President Peggie Koon, Ph.D., highlights a comprehensive workforce development strategy being implemented by ISA in what is undoubtedly the most demanding area of cybersecurity-that of the critical and industrial infrastructure that forms the foundation of modern economies and presents the greatest potential targets and impacts. As the Pell Center report makes clear, the technology for combating cyberattacks is only as good as the people who develop, implement, and maintain it. But for those responsible for protecting the critical infrastructure and industrial base, the ISA response points out, the required expertise extends well beyond the tools and technology of cybersecurity to an understanding of the engineering interactions of complex automation and control systems-in which cybervulnerabilities exploited in sectors, such as energy production and distribution, water treatment, refining, and chemicals, can affect and damage multiple sectors. Recognizing the magnitude of these risks, in early 2014 the U.S. National Institute of Standards and Technology published the Framework for Improving Critical Infrastructure Cybersecurity, which sets forth guidelines to identify, assess, and manage cyberrisk. Cited throughout the framework are the ISA/IEC 62443 standards on industrial automation and control systems security that are being developed by the ISA99 standards committee and adopted as completed by the IEC, ensuring global recognition. ISA's cybersecurity initiative extends far beyond the standards to leverage the vast expertise and knowledge from the ISA/ IEC 62443 development effort, the ISA response emphasizes. This has led to programs for the training, certification, and continuing education of those who must understand the complexities and interactions of advanced automation and control systems while protecting the critical infrastructure and industrial base. These include: * Certified Automation Professional (CAP) certification, demonstrating proficiency in all aspects of industrial automation and control systems including network and control systems security * Industrial Cybersecurity Certificate Program, demonstrating proficiency in understanding and applying the ISA/ IEC 62443 international standards * Certified Mission-Critical Professional (CMCP) certification, in development under a U.S. Department of Labor (DOL) grant to Cleveland Community College, focusing on the skills to combat threats in industrial operations * Study courses and preparation materials in support of the Control Systems Engineering (CSE) program, a specialized professional engineering license recognized in the U.S. and administered by the National Council of Examiners for Engineering and Surveying * Automation Competency Model, in conjunction with the U.S. DOL, establishing what individuals need to know to successfully perform the tasks required in automation occupations * Training classes, publications, and conferences covering basic and advanced cybersecurity for industrial automation and control systems and understanding and implementing the ISA/IEC 62443 standards See www.isa.org/technical-topics/cybersecurity/cybersecurity-resources for the ISA Cybersecurity Initiative. See http://pellcenter.salvereginablogs.com/files/2014/07/ Professionalization-of-Cybersecurity-7-28-14.pdf for the Pell Center Report. (c) 2014 International Society of Automation |