Overview[]
The goal of the NCSD Control System Security Program (CSSP) is to guide a cohesive effort between government and industry to reduce the cyber risk to industrial control systems.
Guidance[]
The CSSP provides guidance and reduces risk to CIKR control systems by:
- Leading the Strategy for Securing Control Systems as part of the overall mission to coordinate and lead efforts to improve control systems security in the nation’s critical infrastructures.
- Managing and operating the Industrial Control Systems Joint Working Group (ICSJWG) to provide a formal mechanism to protect information and foster the coordination of activities and programs across government and private sector stakeholders.
- Operating the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in coordination with the United States Computer Emergency Readiness Team (US-CERT) for control systems-related incidents and cybersecurity situational awareness activities.
- Maintaining a technical support center to conduct assessments of commercially available control systems and components.
- Performing outreach activities and improving awareness in the control system community through training and education.
- Creating informational products and tools to assist vendors and owners/operators in designing, procuring, installing, and operating control systems to mitigate risks.
- Providing strategic recommendations to the research and development community for development and testing of next-generation secure control systems.
- Assisting national and international standards organizations in the development of control systems cybersecurity standards.
Partnerships[]
The CSSP, in alignment with the DHS National Infrastructure Protection Plan (NIPP), works closely with, and coordinates efforts among, government entities, national laboratories, industry, as well as technical professionals across the control systems community. This coordination "landscape" is comprised of the many functions, stakeholders, and processes that further the implementation of technology and methods to improve control systems security.