Building a Resilient World: Practical Automation Cybersecurity

A Look at the Industrial Cybersecurity (ICS) Knowledge Survey

Written by Steven Aliano | Dec 7, 2021 10:30:00 AM

JUNE 2022 UPDATE: The results of the survey are available to download here.

The world needs control systems and automation engineering professionals who are prepared to protect and defend critical systems from cyber events and incidents. However, current cybersecurity educational standards miss the mark when it comes to control systems.

The International Society of Automation’s Global Cybersecurity Alliance (ISAGCA), Idaho State University (ISU), and Idaho National Laboratory (INL) request your help to determine a reasonable foundational set of knowledge needed to secure control systems—to which traditional IT, computer science, or cybersecurity students/professionals are not normally exposed.

The results of this Industrial Cybersecurity Knowledge Survey will inform and improve global efforts to educate and train professionals in this critical field.

Your Input Will Impact Future Education 

The ISA, ISAGCA, Idaho National Laboratory, and Idaho State University aim to create expert-driven consensus-based curricular guidance that training and education providers can confidently use to prepare tomorrow's workforce.

  • As a cornerstone to this effort, we are asking automation professionals and industrial cybersecurity practitioners to complete the Industrial Cybersecurity Knowledge Survey.
  • Your responses to the survey will be anonymous (names and contact information are not requested, and IP addresses are not collected). All survey information will be retained and hosted on a third party Qualtrics server and not on an Idaho State University server.
  • The survey takes about 20 minutes to complete.
  • To learn what else you can do to improve the industrial cybersecurity workforce, join the Industrial Cybersecurity Community of Practice.

Frequently Asked Questions (FAQs)

What is the purpose of the survey?

The survey aims to fill a gap in existing guidance for preparing industrial cybersecurity professionals. We are seeking to improve documents such as NIST NICE, CSEC 17, and NSA CAE KUs.

What is the survey like?

The survey has three parts: Respondent Background, Foundational ICS Knowledge, and ICS Cybersecurity Knowledge. It seeks to capture items that traditional IT, computer science, and cybersecurity students and professionals are not normally exposed.

How long does the survey take to complete?

Response time is typically 20-30 minutes.

Who is behind the survey?

The ISAGCA, ISU, and the INL have collaborated to create the survey.

Who can take the survey?

Anyone with a stakeholder interest in securing control systems may take the survey. It especially seeks input from those with professional experience in industrial automation and control systems.

How was this survey created?

The survey was created with input from industrial cybersecurity subject matter experts from the three supporting organizations.

How and when will the results be shared?

The results will be a publicly available curricular guidance document shared through the Industrial Cybersecurity Education and Training Community of Practice, ISAGCA, and ISU in Q1 2022.

Does the survey collect any personally identifiable information?

No.

Will all the responses be available for review and analysis?

Yes. The data set will be released as flat files at the same time as the curricular guidance document.

What information does the survey collect about the respondents?

The survey is anonymous, but it does ask respondents a series of questions about their educational and professional background. These answers will be used to characterize and correlate responses.

Can a survey respondent come back and finish their answers if they can’t finish right then?

Under certain circumstances respondents may return. This will depend on browser settings and/or cookie policies.

When will the survey close?

The survey will remain open through February 28th, 2022.

Can I send the survey link to a colleague?

Yes, please do!

How can I get involved in this effort?

To contribute to this effort, you may join the Industrial Cybersecurity Education and Training Community of Practice and the ISAGCA.

What educational resources for industrial cybersecurity are currently available?

A variety of resources exist, and the following are relevant examples: