Ready, Set…Hang On, Maybe We Are Not Ready


Recently, the NATO Cooperative Cyber Defence Center of Excellence (CCDCOE) executed their annual Locked Shields exercise in which participating blue team countries defended networks from a NATO-supported red team attacks. In 2016, participating countries saw industrial control systems added to the list of cyber assets they were required to defend. So, how did the U.S. do in this exercise? Unfortunately, in its inaugural year of 2016, the U.S. came in dead last amongst 19 other countries. In 2017, the U.S. finished 12th out of 25 countries. Ok, not bad. We jumped from 19th to 12th in just one year. We are clearly getting better. But wait…hang on a second…maybe not.

Assuming the six newly added countries finished towards the bottom, then the U.S. team may have only jumped one spot higher in the rankings against its previous year’s peers. Not good! At best, we are making modest gains from lessons learned. A more cynical view is that there are 11 other countries who are better prepared than the U.S. to protect their nations’ critical infrastructures.

PLCs and other industrial control systems are at the heart of ensuring reliability and safety in industrial process facilities and power plants. Were these systems compromised by an adversary in the real world – whether internal or external – we risk losing power to our homes, drinking contaminated water from our faucets, running out of gasoline for our cars, or experiencing other events that would fundamentally alter our daily lives. What was particularly concerning about the 2016 exercise is that the U.S. adopted the tactic of turning off the industrial control systems to protect them from compromise. Turning off a PLC or DCS is a completely unusable strategy in a refinery or chemical plant. Thankfully, in 2017, they left the ICS running. Progress, I suppose.

It is good we participate in these kinds of exercises as sunlight is the best sanitizer, but if the U.S. is finishing in the middle of the pack and the Czech Republic and Estonia are taking first and second place respectively, then the U.S. needs to take a long look in the mirror. To quote the great bard, Ricky Bobby, “if you’re not first, you’re last.” This is particularly true for the systems that run U.S. critical infrastructure.


Share this post


Comments

Comments
Gynaecology & Infertility Medicine Manufacturers in India
Visit PharmaFlair - B2B Pharma Marketplace to Discover WHO GMP Gynaecology & Infertility Medicine Manufacturers in India. Get Verified Business Info & Contact detail of top ISO certified Gynae products Manufacturers & Suppliers at PharmaFlair. If you are looking for Gynae Third Party Manufacturing connect with GMP manufacturers in India.
6/7/2021 12:11:45 PM
 
Injection PCD Franchise Company in India
We are leading Injection PCD Franchise Company in India - PharmaFlair has more than 200 WHO GMP Pharma Injectable PCD Franchise Companies listed & offering best Quality Injection Range at best Price in India. Find Verified Contact detail of Top Quality Critical Injection PCD franchise Companies at PharmaFlair
6/7/2021 12:08:33 PM