ENISA’s recommendations for Certifying ICS/SCADA professionals

The convergence between Operations Technology (OT) for industrial processes and Information Technology (IT) raises the need for the security of ICS/SCADA systems but also for qualified professionals. Currently there is limited awareness of the available certification schemes in the sector which results in few qualified professionals.

The complexity of ICS/SCADA systems lays mainly with its multi-disciplinary character (cyber security, operations and information technology) and the broad range of sectors using industrial systems (such as automation, energy, chemical, pharmaceutics, energy etc.). As such, ICS/SCADA systems display differences in their processes, operational procedures, and consequences.

A main challenge of current certification schemes is managing the convergence of cyber security and operations technology. Another is the complexity of different and multi-levelled professional profiles and roles from a functional point. Furthermore, it is necessary to raise the relevance, credibility and strength of future certifications for ICS/SCADA cyber security, by obtaining the support of professional associations.

The report proposes a series of recommendations to harmonize the certification of skills for ICS/SCADA professionals in Europe. These recommendations are relevant for both public and private sector across the EU.

  • an independent steering committee should assess current global or national certification schemes and define a European Cyber Security certification scheme for ICS/SCADA professionals. This is important to achieve the degree of measured knowledge applicable to industrial operations.
  • certifications should be multi-level to reach a wide range of professionals from different fields of practice, including operational and managerial topics, and practical aspects.
  • a certification scheme should be established with management content. This would add value, ensuring that managers are qualified to make the right decisions in crisis situations.
  • a simulation environment should be developed both for training purposes and for testing practical skills.

ENISA’s Executive Director Udo Helmbrecht said: “ICS/SCADA cyber security is at the core of many industrial processes and a growing field which will present commercial and industrial opportunities. Specialised schemes certifying the skills of cyber security experts working on ICS/SCADA would be advantageous to industry sectors and sub-sectors, and important in ensuring the level of cyber security across Europe”.

For full report: Certification of Cyber Security skills of ICS/SCADA professionals

www.enisa.europa.eu

 

Ähnliche Artikel

Der E-Commerce-Umsatz der Top-100-Onlineshops in Deutschland konnte auch im Jahr 2018 ein zweistelliges Umsatzwachstum erzielen und schafft eine Steigerung von 10,2 Prozent auf 33,6 Milliarden Euro. Dies geht aus…

Bluecode kooperiert jetzt mit cashpresso, um Mobile Payment in Österreich und Deutschland weiter zu etablieren. Nutzer von cashpresso können dadurch jetzt mit ihrem Smartphone am POS bezahlen. Der Bezahlvorgang…

Rund ein Jahr nach Einführung der digitalen girocard in Deutschland verzeichnet die Deutsche Kreditwirtschaft stetig wachsendes Interesse an Mobile Payment. Die Sparkassen waren Ende Juli und die Volksbanken Mitte…

Kommentar oder kurze Frage loswerden?

Kein problem!

  • Dieses Feld dient zur Validierung und sollte nicht verändert werden.