• Home
• News
  • Business Continuity News
  • Regional news
  • Sector news
  • Events Diary
  • Newsletters
  • Newsfeed
• Jobs
• Topics
  • BC: Facilities & Buildings
  • BC: General
  • BC: Markets & Companies
  • BC: Plan Development
  • BC: Software
  • BC: Statistics
  • BC: Testing & Exercising
  • Crisis Comms & Management
  • Critical Infrastructure Protection
  • Disaster Recovery
  • Emergency Management
  • Enterprise Risk Management
  • Operational Risk Management
  • Pandemic Planning
  • PS Prep
  • Standards
  • Terrorism
• Technology
  • Cloud Computing
  • Data Center / Centre Issues
  • ICT Continuity
  • Information Security
  • Recovery Facilities
• Resources
  • Webinars
  • BC software directory
  • Newsfeed
  • Twitter
  • Advanced BC information
  • Advanced ICT information
  • Basic BC information
  • Basic ICT information
  • How to advertise
  • About us
  • Contact us
  • Privacy
• Newsletters
• Training

WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Mitigating attacks on industrial control systems: ENISA releases new guidance

The EU’s cyber security agency, ENISA, has provided a new manual for better mitigating attacks on industrial control systems (ICS), supporting industrial processes primarily in the area of critical information infrastructure. As ICS are now often connected to Internet platforms, extra security preparations have to be taken. This new guide provides the necessary key considerations.

‘Good practice guide for CERTs in the area of Industrial Control Systems’ highlights the following points:

• While for traditional ICT systems the main priority is integrity, for ICS systems availability is the highest priority. This has to do with the fact that ICS are indispensable for the seamless operation of critical infrastructure.
• The main ICS actors sometimes do not have sufficient cyber-security expertise. Likewise, the established CERTs do not necessarily understand sector-specific technical aspects of ICS.
• Given the potential significant damage of ICSs, the hiring process for ICS-CERC teams requires staff to be vetted thoroughly, and consideration should be given to many things, for example, an individual’s ability to perform under pressure and response willingness during non-working hours.
• The importance of cooperation at both the domestic and international level must be recognised.
• The unique challenges of ICS cyber-security services can be mitigated by using identified good practices for CERTs, existing global and European experiences, and better exchange of good practices.

Read the guidance.

•Date: 4th December 2013 • Europe/ UK •Type: Article • Topic: Critical infrastructure protection

Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.