AUSTIN, Texas, August 18, 2020 - Dispel today announced their collaboration in the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) Protecting Information and System Integrity in Industrial Control System Environments Project.
Manufacturing organizations that rely on industrial control systems (ICS) to monitor and control physical processes that produce goods for public consumption are facing an increasing number of cyberattacks.
In this new project, the NCCoE, in conjunction with the NIST Engineering Laboratory (EL) and industry collaborators, will highlight how an organization can take a comprehensive approach to securing ICS within the manufacturing sector by leveraging the following cybersecurity capabilities: behavioral anomaly detection, security incident and event monitoring, ICS application whitelisting, malware detection and mitigation, change control management, user authentication and authorization, access control least privilege, and file integrity-checking mechanisms.
The goal of the project is to demonstrate an example solution that protects the integrity of data from destructive malware, insider threats, and unauthorized software within manufacturing environments that rely on ICS. The NCCoE will map the security characteristics to the NIST Cybersecurity Framework; the National Initiative for Cybersecurity Education Framework; and NIST Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, and will provide standards-based security controls for manufacturers. Additionally, NIST will implement each of the listed capabilities in two distinct but related existing lab settings: a discrete-based manufacturing workcell and a process control system that resembles what is being used by chemical manufacturing industries. This project will result in a freely available NIST Cybersecurity Practice Guide.
Dispel is joined by collaborators CyberX, Dragos, GreenTec USA, ForeScout Technologies, OSIsoft, Radiflow, Tenable, TDi Technologies, and VMware in supporting the NCCoE.
About the NCCoE
The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses' most pressing cybersecurity challenges. Through this collaboration, the NCCoE develops modular, easily adaptable example cybersecurity solutions demonstrating how to apply standards and best practices by using commercially available technology.