Organizationally, the Industrial Control Systems Joint Working Group is a partnership between federal agencies and private ICS owners.
Fu said if ICS operators would simply use the formula established by the National Institute of Standards and Technology, they would substantially improve their security.
“You need to think about the risks, about what controls you’re putting in place to mitigate them, and then how you are measuring them to see if those controls are effective,” he said. “People tend to forget the third one, but it’s very important.”
Sign up for CIO Asia eNewsletters.