The ISA Global Cybersecurity Alliance (ISAGCA) and the Incident Command System for Industrial Control Systems (ICS4ICS) have announced the release of a cybersecurity first-responder credentialing program. The ISAGCA joined forces with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and cybersecurity response teams from more than 50 participating companies to adopt the Federal Emergency Management Agency’s Incident Command System framework for response structure, roles, and interoperability. This is the framework used by first responders globally when responding to hurricanes, floods, earthquakes, industrial accidents and other high impact situations.
Incident Command Systems have been tested during more than 30 years of emergency and nonemergency applications, throughout all levels of government and within the private sector. The approach guides companies, organizations, and municipalities in identifying an incident, assessing damage, addressing immediate challenges, communicating with the right agencies and stakeholders, and resuming day-to-day operations. The ICS4ICS framework applies traditional Incident Command Systems best practices to cybersecurity incidents, ensuring common terminology and enabling diverse incident management and support entities to work together.
ICS4ICS provides clearly defined command structures, including standard roles needed in a response, and the framework can scale to support small or extremely largescale incidents that affect many organizations. “For many years, we’ve needed ICS4ICS, to enable collectively organized cyber and physical responses in a unified way,” said ISAGCA advisory board chairperson and ICS4ICS leader Megan Samford. “Credentialing cybersecurity first responders is an important milestone in this valuable public-private partnership.” ISAGCA has developed an adjudication process and certified its first four responders.
“I’m proud to be one of them and stand ready to help companies recover from cyberincidents,” said Samford, who is also VP and chief product security officer of Schneider Electric’s energy management business. The adjudication process, managed by a formal committee within ICS4ICS, consists of an application process and panel of incident command system subject-matter experts who evaluate the candidate’s submittal. The inaugural round of credentialing recognized these cybersecurity experts:
- Mark Bristow, branch chief of cyber defense coordination at CISA, whose 15-year career with U.S. government cybersecurity agencies includes responses to incidents ranging from Ukraine cyberattacks to attempts by Russian government hackers to intrude on energy equities
- Neal Gay, senior manager of managed defense/industrial control systems at FireEye
- Megan Samford, ISAGCA chairperson; VP and chief product security officer of Schneider Electric’s energy management business
- Brian Wisniewski, U.S.
Army Reserve.
This article was originally published in InTech's July/August issue.
