ICS-CERT assessments on the rise
More onsite cybersecurity assessments are being conducted by federal response teams for critical infrastructure providers.
Compared with last year, the overall number of visits federal cybersecurity experts have made to critical infrastructure providers is up significantly, according to DHS’ cybersecurity response team records.
Industrial Control System-Computer Emergency Response Teams (ICS-CERT) made a total of 35 onsite cybersecurity assessments across the 16 critical infrastructure sectors between May and June of 2017, according to the organization's bimonthly newsletter on its activities. In the same period in 2016, ICS-CERT reported it made a total of 21 visits to critical infrastructure providers.
The reports were part of the May-June ICS-CERT Monitor issued by the Department of Homeland Security’s National Cybersecurity and Communications Integration Center.
ICS-CERT provides onsite cybersecurity assessments of ICS providers’ facilities at the providers’ request. Those requests for visits can be precautionary or in response to an actual cybersecurity incident.
Of the 34 onsite assessments in across five of the 16 sectors, ICS said 11 were for its Cyber Security Evaluation Tool assessments, 13 were design architecture review assessments and 10 were network architecture verification and validation.
The energy sector saw eight visits in June 2017, compared to none in the same period of 2016, according to the reports. The dams sector saw six visits in June 2017, but also saw none in the same period in 2016.
The water and wastewater sector saw sustained visits with nine in May and six in June of 2017. In 2016, that sector saw seven visits in May and four in June, according to the reports.