1      0

(ISC)² Security Congress 2021 - Career Center & Recordings

1778633 - Securing Critical Infrastructure Through Cyber-Focused Procurement Language


Oct 20, 2021 10:30am ‐ Oct 20, 2021 11:30am



Credits: None available.

Description

We are all regularly buying, building and deploying vendor and contractor equipment, systems and services, but how do we know that the products and services purchased have appropriate levels of cybersecurity? Are vendors and contractors designing, building and operating their products with cybersecurity in mind? Are they consistently searching for and addressing cybersecurity weaknesses? Do they have secure supply chains ? This talk shares an approach for cybersecurity procurement language developed for the U.S. Army’s Office of Energy Initiatives that focuses on cybersecurity requirements for contractors designing, constructing and operating energy generating facilities within Army installations. These procurement cybersecurity requirements protect the installation lifecycle for operational technology networks and industrial control systems of contractor-owned and -operated systems.

Learning Objectives:
  • Understand the current landscape of cyber-focused procurement language, gaps that exist, and what procurement clauses and processes would enable systems to be secure throughout their lifespan.
  • Identify well written, quantifiable cybersecurity procurement clauses that can be measured and enforced.
  • Identify and construct cybersecurity procurement clauses applicable to their particular installation and application, which will serve throughout the lifecycle of the implementation.

Speaker(s):

Tags: Basic

Credits

  • 1.00 - CPE

You must be logged in and own this session in order to post comments.