CISA’s Role in Industrial Control Systems

To sustain our way of life, our nation depends on the continuous and reliable performance of an extensive and interconnected critical infrastructure (CI) sectors and functions. 

Although each of the 16 CI sectors, and associated critical functions, are different, they share one thing in common—they are all dependent on industrial control systems (ICS) to monitor, control, and safeguard their critical processes. 

The Cybersecurity and Infrastructure Security Agency (CISA) mission is to promote a cohesive effort between government and industry that will improve CISA’s ability to anticipate, prioritize, and manage national-level ICS risk. The CISA assists control systems vendors and asset owners/operators to identify security vulnerabilities and develop sound, proactive mitigation strategies that strengthen their ICS cyber security posture.  

The ICS owners and operators face threats from a variety of adversaries whose intentions include gathering intelligence and disrupting National Critical Functions. Our adversaries are driven, imaginative, and persistent. Accordingly, CISA and ICS community strive every day to be agile enough to counter them.

On July 28, President Biden issued a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems that formally announced the Industrial Control Systems (ICS) Cybersecurity Initiative.

On Sep. 21, CISA published preliminary cross-sector critical infrastructure control system cybersecurity performance goals and objectives. CISA and National Institute of Standards and Technology (NIST) worked together to develop these preliminary goals and objectives that were developed and refined with as much interagency and industry input as practical for the initial timeline using existing coordinating bodies.  DHS expects to conduct much more extensive stakeholder engagement as the goals are finalized in the coming months



Was this webpage helpful?  Yes  |  Somewhat  |  No