This report provides an overview and summary analysis of on-site assessments conducted by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in Fiscal Year 2014.
ICS-CERT is a component of the National Cybersecurity and Communications Integration Center (NCCIC), a division with the Department of Homeland Security’s (DHS) Office of Cybersecurity and Communications (CS&C).
ICS-CERT’s mission is to reduce risk to the Nation’s critical infrastructure by strengthening control systems security and resilience through public-private partnerships.
...This report contains the following core elements:
• An overview of ICS-CERT’s Assessment Program, including a description of the assessment products and services ICS-CERT provides.
• Quantitative and qualitative summaries of assessment types, geographic location, and critical infrastructure sectors assessed in FY 2014.
• Assessment findings for FY 2014, including common ICS vulnerabilities and cybersecurity weaknesses.
• Guidance to assist critical infrastructure owners and operators in reducing cyber risk and enhancing industrial control systems security.
• Information for stakeholders interested in requesting an assessment and learning more about ICS-CERT and its programs.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program