Industrial Control Systems (ICS) are command and control systems designed to support industrial processes. These systems are responsible for monitoring and controlling a variety of processes and operations such as gas and electricity distribution, water treatment, oil refining or railway transportation. The largest subgroup of ICS is SCADA (Supervisory Control and Data Acquisition) systems.
In 2014 ENISA assess the need of an Expert Group focused on the topic of the ICS SCADA security, that will provide the opportunity for ICS/SCADA experts to address important issues to ENISA in its work to enhance ICS security in the EU, and it will provide the opportunity for ENISA to consult providers and to listen to concerns and ideas.
Objective of the ICS Stakeholder Group is to support ENISA in getting more effective and more efficient in all activities related to the ENISA ICS security reports. Particular emphasis will be put on communicating stakeholder requirements so that ICS security studies and the achieved results can be further developed. Indicatively:
- Exchange and discuss about threats, vulnerabilities and incidents, to ensure that there is a common understanding about common threats, vulnerabilities and incidents affecting Critical Infrastructures , across the EU;
- Give feedback on experiences with regulation and supervision to ensure effectiveness and efficiency;
- Point to gaps and issues that require attention from ENISA and/or government regulators (NRAs, DPAs, security agencies, ministries, European commission etc), to ensure that important topics and issues are being addressed;
- Identify needs of stakeholders in the area of ICS security;
- Identify channels to facilitate information collection, sharing and dissemination;
- Identify additional elements that might be part of the ICS security.
Involved individuals will be selected based on excellence in the following skills (indicatively):
- Experience with information collection, sharing and dissemination;
- Good understanding of policy and regulatory issues related to the security of ICS-SCADA at national and/or pan European level including activities related to Critical Information Infrastructure Protection (CIIP);
- Knowledge of CIIP and cyber security strategy and policy at national and/or pan European level;
- Experience from interaction with relevant stakeholders/users;
- Experience with tools regarding all above.
A knowledge of the European policies on cyber security, as well as the peculiarities of the European ICS security is desirable for potential group members.
For more information read the ICS-SG Terms of Reference, you can find here.
Are you an expert in the area of ICS security and want to become a member of the ICS-SG , click here.