CISA Adds Industrial Control System Specialists to Joint Cyber Defense Collaborative

Members of a new group of companies catering to the operational technology needs of critical infrastructure entities like power plants and water treatment facilities are now part of the Cybersecurity and Infrastructure Security Agency’s effort to work more closely—through voluntary agreement—with crucial private-sector partners, according to the agency.

The announcement comes as federal agencies warn that adversaries—which private-sector threat intelligence firms say are likely associated with a nation-state actor—have developed malware to specifically disrupt devices in the industrial control systems that run critical infrastructure. A warning Wednesday from CISA, FBI, NSA and counterpart agencies of international allies also flagged “demonstrated threats and capabilities” of Russian state-sponsored and criminal actors.

21 major internet service providers, cloud vendors and cybersecurity companies already participate in CISA’s Joint Cyber Defense Collaborative. The partnership, which looks to more quickly disseminate threat information and remediation efforts, including through a common Slack channel, will now include security vendors, integrators and distributors of industrial control systems, according to a press release Wednesday. 

“Cyber threats to the systems that control and operate the critical infrastructure we rely on every day are among our greatest challenges,” CISA Director Jen Easterly said. “As the destruction or corruption of these control systems could cause grave harm, ensuring their security and resilience must be a collective effort that taps into the innovation, expertise, and ingenuity of the ICS community. I’m excited to leverage our evolving JCDC platform to enable us to plan, exercise and collaborate with industry leaders to drive down risk to the systems and networks we depend on so greatly as a nation.”

Companies initially joining the JCDC’s ICS work include: Bechtel, Claroty, Dragos, GE, Honeywell, Nozomi Networks, Schneider Electric, Schweitzer Engineering Laboratories, Siemens and Xylem. Five of those—Claroty, Honeywell, Nozomi Networks and Tenable, which was already a JCDC member—are founding members of the OT Cyber Coalition, which formed April 12.

“Through its direct engagements with the US Government, the OT Cyber Coalition will encourage the adoption of interoperability and vendor-neutral cybersecurity characteristics, provide industry expertise, share feedback on public policy proposals and advocate for increased funding for federal OT cybersecurity,” according to a press release on the group’s formation.

The companies will specifically push for related cybersecurity dollars at federal agencies.

“The US Government spends billions of dollars protecting the enterprise IT infrastructure in its many departments and agencies,” the group’s website reads. “The Coalition will advocate for funding for federal civilian agencies to implement OT cybersecurity measures, including, among other things, asset and device inventory.”