ChemITC
When the U.S. Chemical Sector Cyber Security Strategy was originally published in 2002, chemical industry cyber security experts made a conscious decision to leverage work underway within existing external organizations and align its efforts with those who are working to achieve common goals. Working together at the sector level and representing chemical industry interests in the efforts of other organizations and government agencies has proven to be an effective way to bring useful methodologies and solutions to the chemical sector.
Following please find some of the external organizations that the Cyber Security Program works with extensively.
Chemical Sector Coordinating Council
The Chemical Sector Coordinating Council consists of various chemical industry trade associations who are committed to advancing the physical security, cyber security and emergency preparedness of the chemical sector infrastructure. The Department of Homeland Security (DHS), other federal agencies and other critical infrastructure sectors recognize the Coordinating Council as the primary liaison for any activities relating to chemical facility security and emergency preparedness issues. The Cyber Security Program leverages the Chemical Sector Coordinating Council as its channel to facilitate the adoption of cyber security practices and standards among the multitude of chemical companies – small and large – represented within our sector.
Department of Homeland Security (DHS)
DHS is the lead Federal agency for chemical sector security. In light of this, the Cyber Security Program has steadily worked to create a strong working relationship with DHS, specifically its National Cyber Security Division (NCSD), Infrastructure Compliance Standards Division (ICSD), Chemical Sector-Specific Agency (SSA) and others. Working closely with DHS on a number of initiatives in each of these areas positions the Cyber Security Program to advance its cyber security agenda, address emerging cyber security challenges and continue to ensure chemical sector cyber security efforts are aligned with DHS priorities. The Cyber Security Program Steering Team is the first point of contact for DHS, evaluating participation requests and soliciting volunteers from ChemITC member companies to participate in DHS projects.
ISA
The ISA99 Committee is working to establish standards, practices, technical reports and related information that will define procedures for implementing electronically secure manufacturing and control systems and security practices, as well as assessing electronic security performance. Several members of the Cyber Security Program’s Industrial Automation and Control Systems (IACS) Security Working Group have been active participants in the ISA99 Committee since its inception in 2002. These members represent chemical sector interests as the ISA99 Committee works to develop technical reports and standards for industrial automation and control systems security, and bring useful information back to the IACS Security Working Group.
Idaho National Laboratory (INL)
INL is one of only ten multi-program national laboratories owned by the U.S. Department of Energy that leverages national security signature capabilities and provides comprehensive critical infrastructure testing and technology development to DOE, DHS, other government agencies and industrial partners. The Cyber Security Program has been working with INL for several years through its Industrial Automation and Control Systems (IACS) Security Working Group. The Cyber Security Program provides feedback and chemical industry perspectives about various aspects of the program and materials in development, and continues to support INL research efforts in the area of control system security.
Institute for Information Infrastructure Protection (I3P)
The Institute for Information Infrastructure Protection (I3P) is a consortium of leading national cyber security institutions, including academic research centers, government laboratories and non-profit organizations. It was founded in September 2001 to help meet a well-documented need for improved research and development (R&D) to protect the nation's information infrastructure against catastrophic failures. Members of the Cyber Security Program’s Industrial Automation and Control Systems (IACS) Working Group are working with I3P on its Survivability and Recovery of Process Control Systems project, which represents the first concerted effort to make PCS broadly resistant to cyber disruption.
Useful Links to Additional External Organizations
In addition to the industry organizations described above, the Cyber Security Program has identified a variety of additional organizations that touch the many aspects of chemical sector cyber security, including government agencies, trade associations, IT and industrial automation and control system security resources and more.