The Industrial Cybersecurity Center in Canada

Team

Ron Brash

Ron Brash is a well-known technical expert in the ICS community, with a long-standing history in oil and gas from a young age, but also by engaging in difficult-to-solve industry solution development questions. Today, he has over a decade of experience with industrial networks and technologies, embedded systems, systems design, risk advisory, and in several […]

Ronald Brash, the Industrial Cybersecurity Center Coordinator in Canada (CCI Coordinators Team), helps us to get in context of the state of the industrial cybersecurity in his country, and to do so, he shares with us his impressions.

He describes the level of sensitivity of industrial organizations in his country according to the following percentages:

He also affirms that the trend of recent years has exponentially grown.

Canada counts with local and national public bodies promoting an adequate legal framework, in order to ensure the progressive incorporation of industrial cybersecurity measures in national presence companies (mainly critical infrastructure). The main organizations are:

  • Public Safety Canada
  • Canadian Center for Cyber Security
  • Canadian Security Intelligence Service
  • Communications Security Establishment
  • Royal Canadian Mounted Police

Among the main national laws and regulations affecting in this context in Canada, Ronald mentions:

  • Environmental regulations
  • NERC CIP
  • Common law (negligence, hacking insider damage etc.
  • Tort Law
  • Statutory Law

Analysing the most widely adopted industrial cybersecurity measures by Canadian organizations to protect industrial automation systems, Ronald Brash highlights the application of:

  • Industrial cybersecurity consulting / advisory
  • Implementation of safety management systems
  • External security audits
  • Network design and architectures
  • Development of continuity and / or contingency plans
  • Managed cybersecurity services
  • Conventional firewalls
  • Industrial firewalls
  • One-way gateways IDS / IPS
  • Backups SIEM (Security information and event management
  • Encrypted communications
  • Industrial applications control
  • Whitelisting
  • Antivirus
  • Identity management

The CCI Coordinator in United States characterizes the industrial cybersecurity situation in his country with the following SWOT analysis:

Weaknesses

  • Lack of specific industry cybersecurity legislation

  • Lack of budget

  • Lack of consequences

  • Lack of decisions power/decision makers that prioritize cybersecurity

Strengths

  • Public organizations driven force (industry, national issues and defence).

  • Significant industrial cybersecurity innovations projects

  • Frequent events and forums on industrial cybersecurity

  • Increase of industrial cyber security trained professionals

Threats

  • Unpreparedness/Lack of compensating controls

  • Lack of proper security for OT, GRC and generally unready to handle an incident

  • Organizational challenes represent the highest threat to any progress and exposes the organization to larger impacts

Opportunities

  • Strategic position in the industrial cyber security sector

  • Birthplace of some of the original ICS security experts

Activities