Water ISAC to Host Two Webcasts to Help Utilities Reduce Cyber Risks to IT and Industrial Control Systems

WaterISAC is hosting two webcasts in July and August about cybersecurity best practices, services, and tools. These webcasts are open to members and non-members without charge.

  1. NIST Cybersecurity Framework, Getting Started in the Water Sector

DATE:       Tuesday, July 22, 2014
TIME:        2:00-3:15 PM (eastern)
REGISTER:  Click this link Register Now

The NIST Cybersecurity Framework is a set of best practices derived from consensus-based IT and industrial control systems security standards. Water and wastewater systems are not legally required to implement the Framework, but the Federal government is urging all critical infrastructure owners and operators to do so voluntarily in order to reduce their risks from possible cyber attacks against their IT and industrial control systems.

The goal of the webcast is to help the water sector get started using the Framework by providing attendees a basic understanding of its components and recommendations. The webcast will also highlight various programs, guidance and tools to help the water sector implement the Framework, such as the AWWA Cybersecurity Guidance & Tool.

2. Cybersecurity Assessments and Tools by DHS

DATE:  Wednesday, August 20, 2014
TIME:        2:00-3:00 PM (eastern)
REGISTER:  Click this link Register Now

Cybersecurity services and tools offered by the U.S. Department of Homeland Security (DHS) include free, confidential onsite cybersecurity assessments conducted by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) as well as the Cyber Security Evaluation Tool (CSET). CSET is a downloadable tool developed by cybersecurity experts under the direction of ICS-CERT to help users assess the security posture of their cyber systems and networks.

Presenters will also discuss the Cyber Resilience Review (CRR) provided by DHS’s U.S. Computer Emergency Readiness Team (US-CERT). The CRR measures the operational resilience of a specific critical service to provide participants with a detailed report containing options for consideration. It is a voluntary assessment that can either be conducted via a facilitated one-day workshop or as a self-assessment; the CRR Self-Assessment Kit is meant to complement the NIST Cybersecurity Framework.

QUESTIONS?  Contact WaterISAC if you have any questions about either webcast.