Cyber Working Group Meeting with Chris Butera, Technical Director, Cybersecurity Division, CISA: Critical Infrastructure Control Systems Cybersecurity Performance Goals
Details
Thursday, October 7, 2021
3:00 PM - 3:45 PM (UTC-04:00) Eastern Time (US & Canada)
About the Event
Chamber Cyber Working Group members are invited to a virtual discussion on the Cybersecurity Performance Goals with Chris Butera, Cybersecurity Division, CISA. On background, CISA published the Cybersecurity Performance Goals on September 21. They were one of the due outs from President Biden’s July 2021 National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. The goals are intended to provide a common understanding of the baseline security practices for critical infrastructure control systems to protect national and economic security, as well as public health and safety.
The nine category-based goals are:
- Architecture and Design
- Configuration and Change Management
- Continuous Monitoring and Vulnerability Management
- Incident Response and Recovery
- Physical Security
- Risk Management and Cybersecurity Governance
- Supply Chain Risk Management
- System and Data Integrity, Availability and Confidentiality
- Training and Awareness
https://www.cisa.gov/control-systems-goals-and-objectives
For more information on the meeting, please reach out to Vince Voci, VP for Cyber Policy at email: vvoci@uschamber or cell: 202-450-8632
- CISA Cyber Essentials (https://www.cisa.gov/cyber-essentials)
- CISA Cybersecurity Best Practices for Industrial Control Systems (https://www.cisa.gov/publication/cybersecurity-best-practices-for-industrial-control-systems)
- CISA Pipeline Cyber Risk Mitigation Infographic (https://www.cisa.gov/publication/pci-cyber-risk-infographic)
- CISA Recommended Practice: Defense in Depth (https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_CONTROL SYSTEM-CERT_Defense_in_Depth_2016_S508C.pdf)
- Chemical Facility Anti-Terrorism Standards (CFATS) Risk-Based Performance Standards Guidance (https://www.cisa.gov/publication/cfats-rbps-guidance)
- NRC Draft Regulatory Guidance (DG)-5061, “Cyber Security Programs for Nuclear Power Reactors.” (https://www.nrc.gov/docs/ML1801/ML18016A129.pdf)
- NIST SP 800-82, Rev 2, “Guide to Industrial Control Systems (ICS) Security.” (https://csrc.nist.gov/publications/detail/sp/800-82/rev-2/final)
- NISTIR 8183, Rev 1, “Cybersecurity Framework Version 1.1 Manufacturing Profile.” (https://csrc.nist.gov/publications/detail/nistir/8183/rev-1/final)