ICS4ICS Exercise

Monday, 24 Jan 2022 at 2PM


The ISA Global Cybersecurity Alliance (ISAGCA) has been leading an effort to create an Incident Command System for Industrial Control Systems (ICS4ICS). Incident Command Systems have been developed and effectively used for years to address events with a major regional impact such as hurricanes, floods, and fires. The Incident Command System helps coordinate the efforts of the US Government, state and municipal agencies, companies and others to address the incident. Shouldn’t we have an Incident Command System for ICS?

A group of volunteers from industry, FEMA and CICSA have been working on ICS4ICS and are ready to run the first exercise/demonstration on ICS4ICS in action on a simulated incident with participants playing a variety of roles.

This exercise will be Monday, January 24th from 2PM – 5PM at the Fillmore Miami Beach, the S4x22 venue (in the room that used to house Stage 2: Technical Deep Dives). Anyone is welcome to attend, but you do need to register at ICSGCA site. A S4x22 ticket is not required to attend the ICS4ICS, but we hope you will look at the agenda and consider it.

From the ISAGCA Announcement:

“You are invited to observe the first Incident Command System for Industrial Control Systems (ICS4ICS) exercise at S4 on January 24, 2022 at 2PM ET in Miami! ICS4ICS is designed to improve global Industrial Control System cybersecurity incident management capabilities.

The S4 exercise will demonstrate how ICS4ICS works and showcase how it improves cybersecurity incident response for Industrial Control Systems. We will illustrate how an Incident Command System can be combined with cybersecurity processes and capabilities to manage cybersecurity incidents impacting Industrial Control Systems.

The ICS4ICS approach is funded by the ISAGCA with support from industry volunteers, FEMA, and DHS CISA. ICS4ICS guides companies, organizations, and municipalities in identifying an incident, assessing damage, addressing immediate challenges, communicating with the right agencies and stakeholders, and resuming day to day operations.”