Equipping students and teachers with knowledge about industrial cybersecurity

summary

Cybersecurity events such as Volt Typhoon and a wave of ransomware attacks have brought unprecedented attention to the need for cybersecurity in industrial control system environments. Fundamentally, the solution depends on developing skilled and prepared professionals who can operate seamlessly across cybersecurity and engineering, IT and OT.

To provide a foundation to address this need, the ISA Global Cybersecurity Alliance (ISAGCA), in partnership with Idaho State University, Idaho National Laboratory, and the U.S. Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response, published a document titled Curricular Guidance: Industrial Cybersecurity Knowledge.

The document is the result of many years of research aimed at formally answering the question: What knowledge should an industrial cybersecurity specialist have that is not included in traditional cybersecurity degree programs?

In spring 2022, ISACGA conducted a survey of professionals with an interest in or experience with industrial cybersecurity. The survey included up to 363 questions and received responses from 170 unique respondents.

Survey questions, responses, analyses, and decisions are available for public review, examination, and additional analysis on the ISAGCA website. While this is an impressive level of transparency for a programmatic guidance effort, the most exciting part is the guidance itself.

This 125-page document is an essential reference for students, instructors, administrators, and practitioners of industrial cybersecurity. It is organized around the analogy of a building with three components:

1. Environment
2.Foundation
3. Superstructure

The Industrial Operations Environment describes the contexts (business, geopolitical, professional, and industrial) in which industrial control systems and industrial cybersecurity exist. The Industrial Control Systems Foundation describes the elements (instrumentation and controls, process equipment, industrial networks and communications, and process security and reliability) that make up an industrial control system. The Industrial Cybersecurity Superstructure describes the elements (guidelines and regulations, common vulnerabilities, events and incidents, and defensive techniques) that most directly and intuitively relate to the provision of an industrial control system.

Each component is broken down into categories, topics, and subtopics to achieve a reasonable level of detail—up to six levels deep. While some topic names are identical to those found in traditional cybersecurity contexts, the study describes unique or special considerations for these topics in industrial and OT environments.

Curricular Guidance: Industrial Cybersecurity Knowledge is available at isagca.org. ISAGCA also hosted a webinar in April 2024 on the study for those seeking more detailed information. A recording of the webinar is available (registration required).

_{This article originally appeared on the ISAGCA website.}

---

---