Strategy for Securing Control Systems: Coordinating and Guiding Federal, State and Private Sector Initiatives [open pdf - 3MB]
"Our nation depends on the continuous and effective performance of a vast and interconnected critical infrastructure to sustain our modern way of life. This infrastructure, the majority of which is owned by the private sector, is comprised of critical infrastructure and key resource (CIKR) sectors as identified in the National Infrastructure Protection Plan (NIPP). These sectors include Energy, Chemical, Banking and Finance, Water Treatment, Postal and Shipping, Agriculture and Food, Defense Industrial Base, Commercial Nuclear Reactors, and many more. Although each of the critical infrastructure industries is vastly different, they are all dependent on control systems to monitor, control, and safeguard their vital processes. As such, the U.S. Department of Homeland Security (DHS) has recognized that the protection and security of control systems is essential to the Nation's overarching security and economy. [...]. The Strategy for Securing Control Systems [...] has been created by the Department's National Cyber Security Division (NCSD) as part of the overall mission to coordinate and lead efforts to improve control systems security in the nation's critical infrastructures. [...] The primary goal of the Strategy is to build a long-term common vision where effective risk management of control systems security can be realized through successful coordination efforts. [...] The overarching control systems security Strategy, established to coordinate federal, state, and private sector initiatives, has two principal components: (1) a new CIPAC entity known as the Industrial Control Systems Joint Working Group (ICSJWG), and (2) an expanded Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), managed by the Control Systems Security Program (CSSP), that provides recognized cyber incident response and analysis capabilities in conjunction with the United States Computer Emergency Readiness Team (US-CERT)."
United States Department of Homeland Security: http://www.dhs.gov/