ISA Delivers On-Site Industrial Cybersecurity Training and Technical Support at US National Guard Exercise
June 4,2018
For the third year in a row, the International Society of Automation (ISA) provided operational technology (OT) training and on-site technical assistance in support of the US National Guard’s national cyber-operations exercise, Cyber Shield.
Cyber Shield is designed to train National Guard members on cyber protection, network defense, forensic analysis, tactics, techniques and procedures defense against cyberattacks, hackers and other malign actors. The exercise supports the National Guard’s missions to defend US Department of Defense assets, conduct readiness inspections and critical infrastructure vulnerability assessments, and leverage new and emerging technologies for homeland defense.
This year’s Cyber Shield 2018 (videos and photos posted), held 6-18 May at Camp Atterbury in Indiana, brought together more than 800 participants-including members of the National Guard from 40 US states and territories, the Army Reserve, federal and state government agencies, industry partners and academia-to test their collective skills and evaluate their defensive capabilities in response to cyber warfare.
Cyber Shield 2018 incorporated two phases: the first week focused on military, government and private sector training on vital cyber skills. The second week challenged National Guard soldiers and airmen to face off against trained online adversaries, and use their training and skills to defend networks and mitigate the effects of attacks against vulnerable infrastructure.
“This exercise provides a very technical defensive cyber ecosystem with a Defensive Cyber Operations Element training focus,” said Ohio National Guard Lt. Col Teri Williams, the exercise commander. “Cyber Shield truly is a crucible where industry cyber talent merges with our military forces and the result is a more polished, tuned, and stronger response capability.”
ISA was selected a US National Guard Mission Partner because of its leadership in industrial cybersecurity standards and training
ISA was selected as a Mission Partner of the National Guard due to its leadership and experience in developing the world’s only consensus-based series of industrial cybersecurity standards, ISA/IEC 62443. These standards, which also serve as the basis for ISA cybersecurity training, protect the industrial automation and control systems (IACS) and networks that operate OT machinery and associated devices within critical infrastructure. Without these defenses in place, industrial cyberattack can result in plant shutdown, operational and equipment impairment, severe economic and environmental damage, and public endangerment.
Given their protective capabilities, the ISA/IEC 62443 series of standards are key components of The Framework for Improving Critical Infrastructure Cybersecurity (updated April 2018), a how-to guide developed through the National Institute of Standards and Technology (NIST) to help strengthen America’s cyber defenses.
ISA was actively involved in supporting Cyber Shield 2018 during both phases of the exercise. During the first week, ISA instructors taught two ISA industrial cybersecurity courses: IACS Cybersecurity Design & Implementation (IC34) and IACS Cybersecurity Operations & Maintenance (IC37). This photo, taken during the instruction of IC37, shows National Guard members and other partners working in an incident response lab during Cyber Shield 2018. Here, an ISA industrial cybersecurity subject matter expert, Wally Magda, discusses the importance of following critical security protocols during the training.
“ISA is gratified to be able to assist the National Guard in this important national cyber-operations exercise,” remarked Dalton Wilson, ISA’s Director of Education and Certification Services. “Because ISA’s industrial cybersecurity training courses are based on the benchmark ISA/IEC 62443 security standards, they deliver the vital skills and know-how needed to identify OT cybersecurity vulnerabilities and limit damage to industrial automation control systems and networks. In addition, ISA cybersecurity training is comprehensive in scope, helping ensure IACS security through a lifecycle that integrates design, implementation, monitoring and continuous improvement.”
During the second week of the exercise, when cyber-operations teams tested their mettle against cyberattack, ISA provided on-site technical support. National Guard cyber-defense teams utilized ISA’s Cyber Trainers, which serve as “micro-factories”-small-scale versions of actual industrial automation and control systems. Each micro-factory is configured to run three different critical infrastructure simulations: water/wastewater, natural gas pipeline, and power grid.
Not only do Cyber Trainers simulate the actual processes and communications protocols used in industrial OT, they provide users with hands-on, working knowledge of the ISA/IEC 62443 standards and how they protect industrial control systems and networks.
ISA’s umbrella association, the Automation Federation, is committed to broadening awareness around the need to better protect IACS
As the umbrella and outreach association of ISA, the Automation Federation has been collaborating with NIST and other federal and state entities for years to raise awareness of the growing risk of industrial cyberattack and the need to implement ISA/IEC 62443 security standards.
Marty Edwards, Managing Director of the Automation Federation, was asked by the National Guard to deliver remarks during Distinguished Visitors Day at the closing of Cyber Shield 2018.
“Given that the Automation Federation has long partnered with the US government as a global resource for industrial control systems cybersecurity, I was honored to be able to speak at Cyber Shield 2018 and stand among the brave men and women in uniform who are charged with protecting America’s critical infrastructure from cyberattack,” says Edwards, a widely recognized industrial control systems cybersecurity expert.
Edwards, who previously led an operational division of the National Cybersecurity and Communications Integration Center (NCCIC) in the Department of Homeland Security (DHS), emphasized that ISA and the Automation Federation are proud to continue their alliance with the National Guard on such a vitally important effort.
More about ISA99/IEC 62443
Developed by leading international cybersecurity experts from industry, government and academia, ISA/IEC 62443 is a flexible framework for preventing and limiting cyber damage to IACS and networks.
Because most IACS are not designed to ensure resilience against cyber warfare, an IACS cyberattack can impair and disable safe operations of industrial facilities. The consequences-which can include plant shutdowns, widespread power blackouts, explosions, chemical leaks, and more-can place national and economic security as well as lives, personal safety and the environment at risk.
ISA/IEC 62443 enables owners and operators of critical infrastructure to achieve and maintain IACS security improvements through a lifecycle that integrates design, implementation, monitoring and continuous improvement.