
InstMC Cyber SIG
The SIG has over 500 members interested in Industrial/OT/ICS Cyber Security. Automation, Control, Networks, and Intelligent Devices all require security considerations.
The CyberSIG meets to work on projects to aid the wider community's understanding through pathways, flowcharts, presentations, events, guides, etc.
If you can help or want to ask questions, come to our meetings and ask away!
We are a friendly and helpful bunch.
Exchange Network
2025
June - Mike Holcom; How to get into ICS/OT Cyber Security.
[due 26.06.2025 - Plesae return]
April - Developing Incident Response for 3rd party incidents.
In his presentation, Colin Topping delved into the critical issue of supply chain compromise, a leading cybersecurity threat identified by ENSA research. He discussed notable incidents such as the SolarWinds backdoor, the Mimecast man-in-the-middle attack, and the Kaseya ransomware attack. These incidents, collectively, had a profound impact on thousands of businesses, underscoring the gravity of the situation. Colin also introduced the ROSE taxonomy, advocating for a comprehensive approach to supply chain risk management. This approach includes risk assessment, ownership accountability, service level agreements, and end-to-end security measures. We extend our gratitude to Colin for his insightful presentation and to those who attended. We have provided links to the topics covered in the presentation and to Colin's paper, which was the basis for the presentation. The links are correct at the time of publication, but please be mindful that they have been modified or substituted after publication.
Developing Incident Response for 3rd party incidents - [To Follow]
2024
August - An Introduction to IES 62443
Victor Louth of Schneider Electric presented our inaugural Exchange Network session on 22nd August 2024. The IEC suite of standards within 62443 is largely seen as good practice within the ICS/OT Cyber community; many organisations, including various UK Government bodies, refer to it.
In the session, Victor described aspects of the IEC 62443 suite of standards covering ICS/OT Cyber Security, providing a good summary and reference.
We have provided our SIG members with a copy of the presentation and a paper by Schneider Electric, Practical Overview of Implementing IEC 62443 Security Levels in Industrial Control Applications.
An Introduction to IES 62443 - Slide Deck / Paper