Cyber Security News from the Ascentive Team
The SANS Institute announced today that Department of Homeland Security National Cyber Security Division and Idaho National Laboratory have won the 2011 U.S. National Cybersecurity Innovation Award for building Cybersecurity skills needed to defend the power grid and other control systems.
The Controls Systems Security Program (CSSP) at the Department of Homeland Security and Idaho National Laboratory have created a series of training programs for managerial and technical people in the industries using control systems (power, oil and gas, electrical, water, and several others) that are packed with up-to-date information on cyber threats and mitigations for vulnerabilities.
The goal is to reduce industrial control system risks within and across all critical infrastructure and key resource sectors by coordinating efforts among federal, state, local and tribal governments, as well as industrial control systems owners, operators and vendors. The CSSP coordinates activities to reduce the likelihood of success and severity of impact of a cyber-attack against critical infrastructure control systems through risk-mitigation activities.
One innovative course provides intensive hands-on training on protecting and securing industrial control systems from cyber-attacks, including a Red Team/Blue Team exercise that is conducted within an actual control systems environment. This training has been transformational for technologists and managers who previously underappreciated the power of cyber-attacks or the ease at which they can be executed.
The Department of Energy – Office of Electricity Delivery and Energy Reliability has partnered with DHS to provide the Red Team/Blue Team training specifically to the energy sector asset owners and create lessons learned from the energy sector.
U.S. Department of Homeland Security and Idaho National Laboratory wins the 2011 National Cybersecurity Innovation Award for developing a long-term, common vision where effective risk management of control systems secturity can be realized through successful coordination efforts.
The National Cybersecurity Innovation Awards recognize developments undertaken by companies and government agencies who have developed and deployed innovative processes or technologies which are innovative in that it has not been deployed effectively before, can show a significant impact on reducing cyber risk, can be scaled quickly to serve large numbers of people, and should be adopted quickly by many other organizations. Nominations included most senior government officials involved with Cybersecurity as well as those from major Cybersecurity Information Sharing and Analysis Centers (ISACs). Corporations and individuals, including SANS instructors also nominated innovations and each nomination was tested by the SANS Institute research department. More than 50 nominations were received and 14 were selected.
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and by far the largest source for information security training and security certification in the world. In addition to world-class training, SANS offers certification via the ANSI accredited GIAC security certification program. SANS offers a myriad of free resources to the Infosec community including consensus projects, research reports, newsletters, and it operates the Internet’s early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.