Information and Communication Technologies play a key role in our society and economy. It is well known that most of our essential services and corporations depend on ICT for their normal operation, but it is not so widely known that all of those essential services depend on industrial systems. In fact, these systems are the ones responsible for controlling the cooling towers and electric generators which provide power and fire extinguishing capabilities, among many other features.
Industrial Systems are the basis of Critical Infrastructures and consequently of the nation's Essential Services. This fact has made industrial systems a main target in cyber-terrorism and even cyber-war, new aspects of well-known conflicts that have expedited the development of cyber-weapons focused on exploiting vulnerabilities of industrial control systems.
Our society and economy are, therefore, vulnerable. Our first step should be that every involved organization and stakeholder obtains an appropriate level of awareness of this issue. After analyzing the current state of industrial cybersecurity, its stakeholders and market requirements, as well as success and failure cases in Europe and the United States, we started the Industrial Cybersecurity Center (CCI) in Spain in June 2013.
It is the first center of its kind, born from the industry without subsidies, independent and non-profit. Its mission will be to boost and improve Industrial Cybersecurity in Spain and Ibero-America, defining Industrial Cybersecurity as "the set of practices, processes and technologies, designed to manage cyberspace's risk associated to the management, process, storage and transmission of information used by industrial infrastructures, from the points of view of people, processes and technologies".
The Center starts with the support of the market (end users, consultancy and engineering firms, public bodies and institutions, as well as a large number of professionals from industrial sectors) and aspires to be an independent meeting point in the Spanish-speaking world for the exchange of information and experience among private and public companies and professionals related to Industrial Cybersecurity who want to improve this aspect in the industrial sectors. The annual planning of activities of the CCI is available in this section:
It is well known that most essential services, public and private, mass media, security forces and, of course, enterprises depend on ICT for the normal development of their activity. But it is not so widely known that every one of those essential services, and the ICT assets themselves, depend more and more on Industrial Control Systems (ICS). ICS are responsible for controlling and managing physical security systems in datacenters, as well as the refrigeration towers and electric generators which provide energy to the fire extinguishing systems, among many other aspects.
ICS are the base of the main Critical Infrastructures and essential services in our nations, and therefore the security and protection of those infrastructures and services rest on them. This has made ICS a target for cyberterrorism, advanced persistent threats and cyberwar. This fact, together with a lack of security requirements in their design, deployment and operation, has allowed the development of real cyber-weapons whose objective is to exploit the existing vulnerabilities in these systems.
Therefore, our society and economy are vulnerable: Stuxnet, DigiNotar, Duqu, Anonymous, Flame, Shamoon, botnets or Denial of Service attacks are words and concepts that appear more and more often in the general mass media as it tries to explain information leaks, service outages, electrical blackouts and other incidents related to our essential services.
While the level of maturity in protection and cybersecurity for ICS in the US is high, with numerous government, sectorial and corporate initiatives as well as important budgets for its development and protection, Europe in general is more than five years behind in this subject. The problem gets bigger in some member states of the European Union such as Spain, which is more than five years behind the European leaders (UK, Netherlands) on this subject. So some of the member states, and Spain in particular, are more than a decade behind the United States on Industrial Cybersecurity issues.
In a global market with more competition and with growing, more sophisticated threats, this situation is unsustainable. It is necessary to put in a great deal of work, develop plans, take measures and, of course, provide important economic resources in order to narrow the gap with the leading countries and, at least, successfully achieve an equal level of security during the next 10 years.
The lack of well-positioned actors in the market means that end users need to greatly improve their situational awareness and their knowledge of industrial cybersecurity, in order to learn which solutions are being deployed successfully in more advanced countries, and to get in contact with other end users with similar needs and, why not, with vendors that could meet the growing requirements in the scope of industrial processes. The current situation of the market in Spain and Latin America requires a clear positioning of these vendors by providing presence, knowledge and references specific to these environments.
From the Center we intend to boost improvements to Industrial Cybersecurity by developing analysis, studies and information exchange in order to build a solid ecosystem where every stakeholder gets the greatest benefit in protection, knowledge and business for their organization.
The Center aspires to be an independent meeting point in the Spanish-speaking world for the exchange of information and experience among private and public companies and professionals related to Industrial Cybersecurity who want to improve this aspect in the industrial sectors.
The mission of the Center is to improve Industrial Cybersecurity by developing analysis, studies and information exchange and sharing about practices, processes and technologies designed to manage the cyberspace risk derived from the use, processing, storage and transmission of information handled by organizations and critical infrastructures that are an important part of today's society.
The Industrial Cybersecurity Center aspires to be an independent meeting point for the exchange of information and experience among private and public companies and professionals related to Industrial Cybersecurity who want to improve this aspect in the industrial sectors.
The activities of the Center, focused on providing maximum benefits to its members and sponsors, are governed by the following strategic objectives:
- Bring together the main experts and actors in industrial cybersecurity in order to facilitate the exchange of experiences and information and keep up to date on the latest technologies and improvements on this subject.
- Provide awareness of the current state of cybersecurity, paying special attention to new threats and attack techniques.
- Set up communication channels with authorities and lawmakers in order to ease communication among the different actors involved in Industrial Cybersecurity (government, industrial associations, critical infrastructures, engineers, integrators, vendors, consulting firms, associations, standard and good practice developers and citizens).
- Improve awareness among all the actors through courses, events, seminars, publications and a presence in the media.
- Qualify professionals in Industrial Cybersecurity in order to facilitate hiring.
- Improve and expand the Spanish and Latin American Industrial Cybersecurity market.
CCI as a Catalyst
It has been shown that Top-Down approaches, although they exist, are not sufficient and are sometimes detrimental to the improvement of Critical and Industrial Infrastructure Protection and Cybersecurity.
Bottom-Up approaches (such as the one proposed here) are needed in order to involve the necessary actors, providing them with adequate tools and resources and motivating them to act.
Cybersecurity depends mainly on people, not only on policies and regulations. Consequently, increasing collaboration, relationships and information exchange among professionals is a key aspect.
Increasing the corporate resources dedicated to compliance activities sometimes diminishes the resources available for Cybersecurity improvements. Sometimes, compliance activities become "Comply and Lie" activities.