DHS Industrial Control Systems Seminar

I spent the day at a Department of Homeland Security Computer Control Systems Security Awareness program. The fellows conducting the training, Jonathan and Julio, did a nice job presenting the material. The content was an excellent high-level fly over of information security with an emphasis on industrial control systems. Industrial control systems operate or monitor things like pharmaceutical production, municipal water systems, the electrical grid, and that kind of stuff. It would be great seminar for executives who need to learn more about what goes into securing information or production systems. Most of the audience today were IT people for whom the content should have been old hat, but may not have been. A couple of good ideas I picked up were a definition systems administrators' priorities as "a culture of making things work" and some recent survey data on computer crime. I looked up one of the referenced surveys at http://www.gocsi.com/ and was disappointed to find that it requires registration to download the free preview of the survey report--I really dislike that. Here is a similar survey without the registration hassle: http://www.consumerfraudreporting.org/internet_scam_statistics.htm. The surveys can be useful for raising executive security awareness.