Sunday, April 2, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Container Journal
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About Us
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • USENIX Security '22 - Johannes Wikner, Kaveh Razavi - ‘RETBLEED: Arbitrary Speculative Code Execution With Return Instructions’
  • What is the impact of AI on cyber security awareness?
  • Developer Roll Up: March 2023
  • FusionAuth announces Pass-wordle™
  • 3CX Supply Chain Attack Campaign
Security Bloggers Network 

Home » Security Bloggers Network » The State of ICS: One Year Into the Cyber Executive Order

SBN

The State of ICS: One Year Into the Cyber Executive Order

by Mitch Jukanovich on May 29, 2018

It’s been a full year since the new administration issued its first cyber executive order, “Presidential Executive Order (EO) on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” with an emphasis on leadership accountability and a risk management approach to cybersecurity strategies, policies and practices. The EO also placed significant emphasis on the need for agency IT and cybersecu­rity personnel to expand their organization’s support for securing critical infrastructure (CI) assets.

TechStrong Con 2023Sponsorships Available

As the one -year milestone approached last week, news outlets attempted to gauge the progress – or the lack thereof – that has taken place since the order was issued. Some highlights included:

  • The National Security Council’s delayed cyber-deterrence strategy
  • The elimination of the White House Cybersecurity Coordinator
  • A new executive order strengthening CIO authority
  • Newly published agency strategies that reflect the EO’s mandates
  • The American Technology Council’s 1st year and its greatest accomplishment

If I were to summarize the headlines, I would probably say that progress has been “mixed”.

Tripwire recently released a report that is also being considered as an indicator of progress, specifically regarding the EO’s critical infrastructure security mandate. The “ICS Security in the Energy Industry” was conducted in March 2018, and its respondents included 151 IT and operational technology (OT) security professionals at energy and oil and gas companies, 28% of which self-identified as “government-managed” organizations.

Consistent with the indicators above, Tripwire’s data shows progress as “mixed” or “slow”.

On the one hand, we can view the glass “half-empty” (or mostly empty) by the fact that 81 percent of respondents from government-managed organizations still believe a cyberattack could result in a catastrophic event (approx. 10% higher than non-government managed organizations) and 64 percent view the probability of a security attack on ICS systems still as “likely” or “inevitable”.

(Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Mitch Jukanovich. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/the-state-of-ics-one-year-into-the-cyber-executive-order/

May 29, 2018May 29, 2018 Mitch Jukanovich EO, Featured Articles, Federal, government, ICS, ICS Security, security
  • ← 6 Common Misconceptions About the Security of Blockchain Technology and Smart Contracts
  • Android Trojan Allows Hackers to Steal $8,000 Per Day from Russian Banks →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows
TSTV Podcast

Subscribe to our Newsletters

Most Read on the Boulevard

ChatGPT Less Convincing Than Human Social Engineers in Phishing Attacks
Should You Have Security Concerns When Partnering With a Third Party?
The Chasm Between Cybersecurity Confidence and Actual Ability
The Chip War’s Impact on Cybersecurity and the Supply Chain
Skyhawk Security Taps ChatGPT to Augment Threat Detection
How Ukraine’s Premier Electronics Retailer Ended Bot Attacks on its Digital Storefront
How the Dark Web is Embracing ChatGPT and Generative AI
Your Guide to The Top 15 Backend Languages For 2023
Debating SIEM in 2023, Part 2
ChatGPT Injection: a new type of API Abuse attack may steal your OpenAI API credits

Upcoming Webinars

Tue 04

Key Strategies for a Secure and Productive Hybrid Workforce

April 4 @ 1:00 pm - 2:00 pm
Wed 05

Securing Kubernetes With SentinelOne and AWS

April 5 @ 1:00 pm - 2:00 pm
Wed 05

From Vulnerable to Invincible: The Five-Step Journey to Complete Cloud Security

April 5 @ 3:00 pm - 4:00 pm
Wed 12

The State of Cloud-Native Security 2023

April 12 @ 1:00 pm - 2:00 pm
Thu 13

Case Study: Improving Code Security With Continuous Software Modernization

April 13 @ 11:00 am - 12:00 pm
Thu 20

Lessons From a Live Hack: Secure Your Cloud From the Inside

April 20 @ 3:00 pm - 4:00 pm
Mon 24

Securing Open Source

April 24 @ 1:00 pm - 2:00 pm
May 03

Top Phishing Trends and How to Stop Phishing Attacks

May 3 @ 1:00 pm - 2:00 pm
May 03

https://webinars.securityboulevard.com/ciso-panel-tips-for-optimizing-cloud-native-security-stack-in-2023?utm_campaign=2023.05.03_Aqua_Webinar_SB&utm_source=BMRegister

May 3 @ 3:00 pm - 4:00 pm
May 22

Ransomware

May 22 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Managing the AppSec Toolstack

Industry Spotlight

FINALLY! FCC Acts on SMS Scam-Spam — But Will It Work?
Analytics & Intelligence API Security Application Security Cloud Security Cyberlaw Cybersecurity Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight IoT & ICS Security Malware Mobile Security Most Read This Week Network Security News Popular Post Security Boulevard (Original) Security Operations Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust 

FINALLY! FCC Acts on SMS Scam-Spam — But Will It Work?

March 17, 2023 Richi Jennings | Mar 17 0
White House to Regulate Cloud Security: Good Luck With That
Analytics & Intelligence Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Security DevOps Editorial Calendar Featured Governance, Risk & Compliance Humor Incident Response Industry Spotlight Malware Most Read This Week Network Security News Popular Post Ransomware Securing Open Source Security Awareness Security Boulevard (Original) Security Operations Software Supply Chain Security Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

White House to Regulate Cloud Security: Good Luck With That

March 13, 2023 Richi Jennings | Mar 13 0
‘Extraordinary, Egregious’ Data Breach at House and Senate
Analytics & Intelligence API Security Application Security CISO Suite Cloud Security Cloud Security Cyberlaw Cybersecurity Data Security Editorial Calendar Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Most Read This Week Network Security News Popular Post Ransomware Securing Open Source Security Awareness Security Boulevard (Original) Security Operations Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

‘Extraordinary, Egregious’ Data Breach at House and Senate

March 10, 2023 Richi Jennings | Mar 10 0

Top Stories

Noname Security Extends Reach of API Security Platform
Application Security Cybersecurity Featured News Security Boulevard (Original) Spotlight Vulnerabilities 

Noname Security Extends Reach of API Security Platform

March 31, 2023 Michael Vizard | 1 day ago 0
Elastic Unfurls Cloud Security Platform for AWS
Cloud Security Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight 

Elastic Unfurls Cloud Security Platform for AWS

March 31, 2023 Michael Vizard | 1 day ago 0
Twitter Presses GitHub to Turn Over User Who Leaked Source Code
Cloud Security Cybersecurity Data Security Featured Incident Response Malware News Security Boulevard (Original) Social Engineering Spotlight Vulnerabilities 

Twitter Presses GitHub to Turn Over User Who Leaked Source Code

March 31, 2023 Teri Robinson | 1 day ago 0

Security Humor

Randall Munroe’s XKCD ‘Qualifications’

Randall Munroe’s XKCD ‘Qualifications’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Container Journal
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.