Critical National Infrastructure comprises the essential services upon which daily life in the UK depends. It includes sectors such as energy, water, transport and communications, each providing services which are most critical to the running of the UK. Without these, the UK could suffer serious consequences, including severe social disruption or even loss of life.
The task of protecting these critical services is becoming more complex as providers become increasingly reliant on modern industrial control systems (ICS) to deliver their core operations. These systems are constructed from commercial, connected technologies – so while they deliver significant cost and performance benefits, they also dramatically increase the threat of cyber-attacks that could result in a security breach.
Managing these new inherent risks requires a structured approach. In response to this need, and in support of the UK Government’s cyber security strategy, PA prepared a suite of ICS guidance documents. These have been published by the Centre for the Protection of National Infrastructure (CPNI) and the UK’s National Technical Authority for Information Assurance (CESG).
The Security for Industrial Control Systems (SICS) framework provides organisations with practical guidance and tools to develop a thorough understanding of ICS risks and reduce the likelihood and potential impact of a cyber-incident.
The SICS framework has been welcomed by UK industry and is also being adopted by organisations overseas. It is set to play a key role in helping to protect vital infrastructure, while ensuring that businesses can continue to unlock the benefits of valuable new technologies.
The guidance documents and accompanying materials are available on the CPNI website.