As the global authority on the value and significance of automation, the Automation Federation is at the vanguard of efforts to protect vital industrial assets and core sectors essential to national security and public safety from cyberattack.
That’s because industrial automation and control systems (IACS) serve as the operational underpinnings of industrial facilities and critical infrastructure, such as utilities, water and wastewater facilities, and financial, transportation and communications networks.
The risks of industrial cyberattack are growing and present serious threats to economic and national security as well as personal safety and welfare. Results of a recent survey by the Pew Research Center predicted that a major industrial cyberattack will occur in the US sometime within the next 10 years that will cause “widespread harm”—defined as significant loss of life or property losses/damage/theft in the tens of billions of dollars.
As the umbrella and outreach association of the International Society of Automation (ISA)—the developer of the world’s only consensus-based series of industrial cybersecurity standards (ISA/IEC 62443)—the Automation Federation is uniquely qualified and positioned to work with government and industrial leaders to mitigate IACS security vulnerabilities.
Upon request from the US federal government, representatives of the Automation Federation assisted in the creation of the US Cybersecurity Framework and helped to implement the provisions of the US Cybersecurity Enhancement Act of 2014. The ISA/IEC 62443 series of standards—representing a comprehensive approach to cybersecurity—are integral components of the US government’s current and future plans to combat industrial cyberattack.
At the invitation of the National Institute of Standards and Technology (NIST)—an agency within the US Department of Commerce—the Automation Federation plays a prominent role in organizing and participating in workshops designed to educate executives and manufacturing leaders on the vital need to implement recommended US Cybersecurity Framework guidelines.
The Automation Federation also partners with a wide range of other government organizations (such as the US Department of Energy, the Department of Homeland Security, the US Department of Labor and the US National Guard) and private-sector groups (such as the National Association of Manufacturers and the National Rural Water Association) as well as its own members and working groups to leverage the strengths of ISA/IEC 62443 in defense of cyberwarfare.
The Automation Federation laid the groundwork for a training contract ISA secured early in 2016 with the US National Guard. Under the contract, ISA provided industrial control systems cybersecurity training during the National Guard’s Cyber Shield exercise, which was held at Camp Atterbury, Indiana, in mid-April of 2016. More than 900 soldiers, airmen, Marines, sailors, and civilians representing 47 states and territories participated in the training event to assess their skills in responding to cyber-incidents.
ISA was chosen by the National Guard as an industry partner because of its leadership and experience in developing the world’s only consensus-based industrial cybersecurity standard (ISA/IEC 62443). Read the ISA press release and view the Cyber Shield 2016 video for more information.
The Automation Federation also is the host organization for the LOGIIC (Linking Oil and Gas Industry to Improve Cybersecurity) Program, an ongoing collaboration of major oil and natural gas companies and the US Department of Homeland Security, Science and Technology Directorate. LOGIIC conducts research and development projects to improve the level of cybersecurity in critical systems of interest to the oil and natural gas sector.