A major hurricane hits Florida and takes out the power. Utilities from around the company sends linemen, substation engineers and other team members to help recover. A fire is raging in California. Fire companies from around the country send firemen and equipment to help fight the fire and protect property. Why can’t something similar be created to assist companies and industries whose critical ICS is under attack and compromised?
The ICS4ICS idea originated in a session Megan Samford gave at S4x20. After getting encouragement from the S4 tribe, Megan decided to make this happen. The ICS Global Cybersecurity Alliance (ISAGCA) has taken it on as a project. An initial group of asset owners, vendors and government talent has taken the first step of defining roles for the Command Structure, as shown in the diagram below.
Two of the roles are ICS specific:
ICS Systems Analyst
ICS Communications Analyst
Roles are a key element of an Incident Command System as it allows someone from the outside the organization to be inserted into the incident because a skill set and task list is consistently applied to the role. The ICS4ICS team is looking for feedback on these roles.
ICS4ICS is one of the S4 Projects selected from S4x20. Our role in this project is primarily creating and spreading content to gain awareness of the effort and encourage progress.