Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

The material and information contained on this website is for general information purposes only. ISAGCA blog posts may be authored by ISA staff and guest authors from the cybersecurity community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

ICS4ICS Launches First Ever Exercise at S4

The first exercise of Incident Command System for Industrial Control Systems (ICS4ICS) capabilities was conducted at S4 on April 18, 2022. The exercise was attended by over 300 people who provided very positive feedback and suggestions to improve future exercises. The attendees said that the ICS4ICS process will be extremely valuable, particularly as the complexity of cybersecurity incidents continue to increase and cause greater impact to critical infrastructure. Megan Samford summarized the results of the ICS4ICS Exercise, which can be viewed here.

There are two videos from the ICS4ICS exercise:

We appreciate your feedback and any suggestions to improve the ICS4ICS process and/or the ICS4ICS exercise. If you have any feedback, please send it to bpeterson@isa.org.

We Need Your Help

We are working to deploy and improve the ICS4ICS program and need your help in the following areas:

  • Update the ICS4ICS Exercise materials used at S4 to ensure they can be used globally.
  • We are seeking more volunteers to work with several groups to conduct ICS4ICS exercises in numerous countries and industry sectors.
  • Create the next version of ICS4ICS that addresses more complex, Type 2 incidents impacting multiple assets/sites for a company. We will also add mutual aid processes, IT recovery for the ICS4ICS, and many other capabilities.
  • Presenting ICS4ICS at various events to create awareness about the program.
  • Obtaining credentials to perform various ICS4ICS roles.
  • If you are interested in receiving more information about ICS4ICS, please sign-up for the newsletter by emailing Brian Peterson at bpeterson@isa.org.

If you would like to help with these efforts, please complete the form located here.

About ICS4ICS

The ISA Global Cybersecurity Alliance has joined forces with the Cybersecurity and Infrastructure Security Agency (CISA) and cybersecurity response teams from more than 50 participating companies to adopt FEMA's Incident Command System framework for response structure, roles, and interoperability. This is the system used by First Responders globally when responding to hurricanes, floods, earthquakes, industrial accidents, and other high impact situations.

The ICS4ICS approach guides companies, organizations, and municipalities in identifying an incident, assessing damage, addressing immediate challenges, communicating with the right agencies and stakeholders, and resuming day to day operations.

The adjudication process, managed by a formal committee within ICS4ICS, consists of an application process and panel of incident command system (ICS) subject matter experts who evaluate the candidate’s submittal. Interested companies and organizations can engage with ICS4ICS to learn how they can participate in this multilateral preparedness scheme for responding to cyber incidents. There are no membership requirements to participate, and we are seeking broad engagement from both the private and public sectors.

Brian Peterson
Brian Peterson
Brian Peterson is an Information Risk Consultant who works for LOGIIC and other companies as a program and project manager. Mr. Peterson has been the project manager for LOGIIC for over 15 years. Mr. Peterson has 30 years of cybersecurity experience of IT systems, applications, and SCADA/DCS systems, such as those used in the oil and gas, and manufacturing sectors. In the last 20 years, he has concentrated on performing research of security technologies and to develop programs and implementation tools for Information Security, ICS Security, and other risk programs.

Related Posts

North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and ISA/IEC 62443 Comparative Analysis

The Utilities Technology Council and Cumulys recently prepared a report in partnership with the ISA Globa...
Kara Phelps Dec 13, 2024 7:00:00 AM

Securing PLCs Through the Backplane: Balancing Performance and Simplicity

With the increasing convergence of operational technology (OT) and information technology (IT), the need ...
Ashraf Sainudeen Dec 6, 2024 7:00:00 AM

Practical Insights for Implementing Control System Security

Introduction In this blog post, we’ll share practical insights from operational experience in managing cy...
Pinakin Gokhale Nov 29, 2024 7:00:00 AM