CybersecurityDHS, Idaho lab win cybersecurity innovation award

Published 28 December 2011

The Controls Systems Security Program (CSSP) at DHS and Idaho National Laboratory have created a series of training programs for managerial and technical people in the critical infrastructure sector that are packed with up-to-date information on cyber threats and mitigations for vulnerabilities

The SANS Institute announced that DHS National Cyber Security Division and Idaho National Laboratory have won the 2011 U.S. National Cybersecurity Innovation Award for building cybersecurity skills needed to defend the power grid and other control systems.

The Controls Systems Security Program (CSSP) at DHS and Idaho National Laboratory have created a series of training programs for managerial and technical people in the industries using control systems (power, oil and gas, electrical, water, and several others) that are packed with up-to-date information on cyber threats and mitigations for vulnerabilities.

The goal is to reduce industrial control system risks within and across all critical infrastructure and key resource sectors by coordinating efforts among federal, state, local, and tribal governments, as well as industrial control systems owners, operators and vendors. The CSSP coordinates activities to reduce the likelihood of success and severity of impact of a cyber-attack against critical infrastructure control systems through risk-mitigation activities.

One innovative course provides intensive hands-on training on protecting and securing industrial control systems from cyber-attacks, including a Red Team/Blue Team exercise that is conducted within an actual control systems environment.  This training has been transformational for technologists and managers who previously underappreciated the power of cyber-attacks or the ease at which they can be executed.

The Department of Energy - Office of Electricity Delivery and Energy Reliability has partnered with DHS to provide the Red Team/Blue Team training specifically to the energy sector asset owners and create lessons learned from the energy sector.

SANS says that DHS and Idaho National Laboratory wins the 2011 National Cybersecurity Innovation Award for developing a long-term, common vision where effective risk management of control systems security can be realized through successful coordination efforts.

SANS explains that the National Cybersecurity Innovation Awards recognize developments undertaken by companies and government agencies who have developed and deployed innovative processes or technologies which are innovative in that it has not been deployed effectively before, can show a significant impact on reducing cyber risk, can be scaled quickly to serve large numbers of people, and should be adopted quickly by many other organizations. Nominations included most senior government officials involved with Cybersecurity as well as those from major Cybersecurity Information Sharing and Analysis Centers (ISACs).  Corporations and individuals, including SANS instructors also nominated innovations and each nomination was tested by the SANS Institute research department. More than fifty nominations were received and fourteen were selected.