Approximately 10 months ago, March 5th 2013, we announced the foundation of the Industrial Cybersecurity Center (CCI), as an independent organization whose mission is to promote and encourage industrial cybersecurity. Right away, we started the work to develop a solid ecosystem and its value-added international activities (I’m referring not just to ourselves, Nacho Paredes, Jose Valiente and myself, but I’m referring to all of you who has been key in the initiative success).
After this 300 days of the life of the Center, the initial expectations that we defined have been widely overcome, getting even above them. The best proof is the more than 300 members recruited as well as the sponsors from 21 different countries. We have welcomed more than 700 attendants to our “Voice of the Industry” events and to our International Congress; we have trained as well more than 100 professionals in our courses and workshops on Industrial Cybersecurity.
In addition, more than 100 organizations have answered the survey on which we have based our report on the Industrial Cybersecurity Landscape in Spain. Our weekly newsletter on Industrial Cybersecurity gets to more than 500 people. Besides that, the firs document developed, The Roadmap to Industrial Cybersecurity in Spain, 2013-2018, has been downloaded by 32000 worldwide.
The international and national impact of the initiative has been huge, actively cooperating with the main cybersecurity entities: ENISA, European Commision, Organization of American States (OAS), Department of Homeland Security (Government Presidency), INTECO (Ministry of Industry), CNPIC (Ministry of Interior) or CCN (CNI, Government Presidency) just to mention a few.
We have been included as members in ERNCIP (European Reference Network for Critical Infrastructure Protection), in the Industrial Automated Control Systems and Smart Grids Thematic Area, in the National Digital Trust Forum (Ministry of Industry) and in the International Steering Committee of GIAC/SANS of the new certification GICSP: Global Industrial Cybersecurity Professional as well as in the ISACA Global Cybersecurity Task Force.
Our success has been considered to be mentioned in several organizations and events all around the world, where we have been invited to present our success case and present our point of view and vision on Industrial Cybersecurity: from La Habana, to Chicago, Buenos Aires or Abu Dabi, as well as in Genoa, London or Vilnius, and not forgetting cities such as Miami or Atenas, we have presented and disseminated the initiative, encouraging Industrial Cybersecurity.
However, we are just starting. If we were speaking on basketball and on the NBA, all these success will have granted us the rookie category. What we really want is to develop a successful roadmap for all our ecosystem. For this reason, this first 300 days and 300 nights have been a first challenge to get even more interesting the next 300. This is in our heart for the activities planned for 2014.
We will keep working in the lined of Awareness and Cooperation, Training, Content Development and R&D. To achieve this, we have defined a wide event calendar with four Voice of the Industry events in the months of February (February 5th), May, September and December. ¡Attention! We are organizing as well two top level Iberoamerican conferences. The first one will be held in Colombia in June (next details regarding the exact venue and dates will be announced when they are available). The next one will be in October in Spain (details will be provided soon).
We will keep organizing new editions of our Critical Infrastructure Protection course (the next one will be organized in February in Barcelona by Internet Security Auditors). This courses will be organized this year as well in Buenos Aires (March) and in Madrid (July and November).
We have defined as well a publication roadmap for 2014. We will publish ten documents, of which four will be developed with the agreement and participation of all the Center and industrial cybersecurity elements. The remaining six will be direct publications from the Center.
The publications to be agreed will be the Best Practice Guide for Technical Cybersecurity Diagnostices in Industrial Environments, the bottom-line documents for the implementation of an Industrial Cybersecurity Management System (SGCI), an Industrial Cybersecurity Maturity Model , and the updating of the Industrial Cybersecurity Landscape in Spain in 2014.
The documents of direct publication will be: Global Cybersecurity Threats in Industrial Environments (Patrick Miller), Digital Oilfields Cybersecurity (Ayman Al-Issa), Scada and Cloud Computing (Eric Knapp), Industrial Cybersecurity Profesional Enablement (Auke Huistra), Secure Development for Industrial Applications (Simón Rosés), as well as International Organizations: The new target for international conflicts (Thiber).
Our “communication’s wizard”, José Valiente ( I know that Ana Pastor , the Spanish presenter must already be worried) will keep encouraging Knowledge Teams with his interviews and conversations to relevant authorities in what we have called “Industry Experiences”. These will be available in our collaborative platform: four short interviews and interactive panels with the person interviewed, summaries of international events and four interactive panels covering some of the objectives we have defined to improve the relationship and participation inside the community.
In addition, and considering the high international impact and interest about the Center in other countries, we have defined the objective of developing local communities in other regions through well-known and considered professionals that may coordinate and encourage its activities. As we announced before, Eric Knapp (who has been assigned a few days ago to lead the worldwide Cybersecurity Practice at Honeywell) will be our Chief Technical Advisor for North America . As Chief Technical Advisor for Middle East and based in Abu Dabi Ayman, we will count with Al-Issa, probably the most knowledgeable professional of cybersecurity in the petrol and gas sector and Digital Oilfields Cybersecurity Advisor in ADMA, OPCO.
But as you may remember, our main focus for the need of knowledge development is the Spanish Speaking community; so we are proud to announce that in addition to Spain we are going to start our activities in some Latin American countries such as Ecuador, through our friend and country coordinator for that country, Carlos Jumbo (InforC Ecuador Director).
But beware!! I bring two important news: Argentina, where our coordinator will be Claudio Caracciolo, President of ISSA Argentina and Ambassador of Eleven Paths ,and Colombia, with Leonardo Huertas (known as SamuraiBlanco by many of you), Colombia’s National CERT responsible from the last years and working in the Ministry of Defence for the last 20 years.
We have a strong beginning, don’t we? Well, these are just some of the news that we may share with you now. We are also starting some joint initiatives in Peru, Paraguay, Mexico, Taiwan, Japan and United Kingdom, but we will let you know later.
Industrial Cybersecurity is already a reality and a concern in many Boards of our company’s members; demand is increasing as we will see in our next report on the Industrial Cybersecurity Situation for Spain. Market offering is maturing as well, and technological solutions are being adapted. In general terms, everything is going through the right track. And all this, thanks to you…Without you, all these success and plans will not have been possible. From here, congratulations!! The success is yours.
In summary,we have a big year in front of us. For sure we are going to be very busy, but we are going to have fun. This is really our objective that all of us enjoy this starting new year. Let’s get it!! Happy 2014!!