TRENDING:

InfoSec Program Revisions Suggested

IG Evaluates DHS's Control Systems Security Program Eric Chabrow (GovInfoSecurity) • September 1, 2009    
InfoSec Program Revisions Suggested
Homeland Security's inspector general contends that the department's Control Systems Security Program, or CSSP, can become more effective in helping secure the nation's critical IT infrastructure.

The program coordinates the cybersecurity efforts for control systems between the public and private sectors. DHS's National Cybersecurity Division (NCSD), the program's sponsor, facilitates cybersecurity information sharing with the public.

"While NCSD has made progress in implementing a cybersecurity program for control systems, opportunities still exist for improvements to its CSSP," DHS's IG said in a report dated Aug. 12 but made public Tuesday. Among the IG's recommendations, the division should:

Encourage more information sharing of critical infrastructures' needs, threats and vulnerabilities between the public and private sectors;

Increase the number of cybersecurity vulnerability assessments performed in order to reduce the overall risk to current operational control systems;

Establish enhanced performance measures to ensure its mission and goals are attained as they relate to the program; and

Expand the division's education, training, and awareness program to improve the public and private sector personnel's knowledge of control systems cybersecurity.

In its response, DHS officials concurred with most of the recommendations, noting that the division has or is in the process of implementing them.

The IG reviewed the program to determine its effectiveness in improving cybersecurity for control systems within the nation's critical infrastructure and key resources. "Control systems are vital to the operation of production systems within factories and plant facilities across the nation," the report said. "They are used in industries, such as chemical, electric, oil and natural gas, and water and wastewater treatment. A disruption in control system operations may result in the loss of productivity and life, and have a negative impact on the economy and national security."

Previous
Data Breach Trends - Mary Monahan, Javelin Strategy & Research
Next
Security Metrics Pose Challenge to Researchers

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



Around the Network

Checking Out Security Before Using AI Tools in Healthcare
Checking Out Security Before Using AI Tools in Healthcare
Securing OT and IoT Assets in an Interconnected World
Securing OT and IoT Assets in an Interconnected World
Are We Facing a Massive Cybersecurity Threat?
Are We Facing a Massive Cybersecurity Threat?
How to Simplify Data Protection within your Organization
How to Simplify Data Protection within your Organization
Integrating Generative AI Into the Threat Detection Process
Integrating Generative AI Into the Threat Detection Process
Why Cyber Defenders Need Partnerships, Tools and Education
Why Cyber Defenders Need Partnerships, Tools and Education
What's Inside Washington State's New My Health My Data Act
What's Inside Washington State's New My Health My Data Act
Top Privacy Considerations for Website Tracking Tools
Top Privacy Considerations for Website Tracking Tools
CyberArk CEO Touts New Browser That Secures Privileged Users
CyberArk CEO Touts New Browser That Secures Privileged Users
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
Closing Privacy 'Loopholes' in Reproductive Healthcare Data

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.