By Isiah Jones, MPS, CISSP, GICSP, C|CISO, Director, ICS Cyber Security Engineering
So, who would even benefit from this ICS Security Manager as a Service concept? The simple answer is every asset owner and operator with ICS assets that monitor and control any part of their operations. Any critical infrastructure sector that leverages automation and control systems to monitor and control critical infrastructure assets and operations can benefit from ICS Security Manager as a Service. A more specific list of immediate winners are as follows (this list is not complete or exhaustive):
- Electric cooperatives
- Water and wastewater
- Oil and gas pipelines
- Ships and ports
- Rail and urban public transit systems
- Agriculture and food processing
- Hospitals, Labs, and Clinics
- Fire, life safety and facilities management
- Small and mid-size businesses that own and operate critical infrastructure assets
- Large asset owners and operators with no single authoritative role for ICS security
- CISOs, CSOs, CIOs and or critical operations managers and business unit owners who have been tasked with the responsibility of ICS security for their assets
- ICS Vendors, integrators, EPCs
Asset owners need skilled allies in their efforts to improve and secure some of our most vital infrastructures. They do not always need, nor can they always afford, the traditional consulting firm contractor staff augmentation and advisory service or MSSP SOC and incident response only services or product plug and play. Asset owners, especially the small to mid-market owners and operators, need a continued partner providing ICS Security Manager services on an as needed yet continued retainer style basis.
This gives the asset owners the ability to have access to a cadre of experienced ICS Security Managers as a Service instead of being limited by staff augmentation assignment to a specific role for various tasks. Also, unlike just a CISO the ICS Security Manager as a Service brings in technical hands-on abilities and creates an ICS focused buffer to help operations manage interactions with the CISO, IT and other stakeholders concerned with ICS security within an organization who don’t have both detailed cyber and ICS experiences.
Contact LEO Cyber Security today to learn more about how we can help you with your ICS Security Manager as a Service goals or even train other organizations how to provide it.
[gravityform id=”1″ title=”false” description=”false”]