Security incident database public access: SCADA, manufacturing, process control cyber security info

The newly formed, non-profit Security Incidents Organization announced it will provide public access to The Repository of Industrial Security Incidents (RISI).

July 29, 2009

The newly formed, non-profit Security Incidents Organization announced it will provide public access to The Repository of Industrial Security Incidents (RISI), it announced July 20. RISI is an industry-wide repository for collecting, investigating, analyzing and sharing critical information regarding cyber security incidents that directly affect SCADA, manufacturing and process control systems. With over 150 incidents, RISI is the largest known collection of industrial cyber security incidents.

Modeled after similar safety incident databases, RISI provides subscribers with reliable information that allows them to learn from others’ experiences, understand the risks associated with industrial cyber-threats and adapt their current security policies in step with changing industrial cyber-security dynamics.

RISI has a history dating back to early 2001, when academic researchers developed a database called the Industrial Security Incidents Database (ISID). In 2008 several private cyber security experts, building on ISID, began collaboration on the RISI project with a goal of making the information available to the entire industrial automation community.

The Security Incidents Organization was established in 2009 to fulfill this goal by operating the RISI database, researching incidents and making the results of that research publically available. For more information about The Security Incidents Organization or RISI log on to www.securityincidents.org .

Security Incidents Organization, founded in 2009, says it is a 501(c)(3) non-profit organization whose mission is to collect, investigate, analyze and share critical information regarding industrial cyber security incidents on a nondiscriminatory basis. Security Incidents is guided by an Advisory Board comprised of leading industrial automation users, consultants and suppliers, the group says.

Also read: Protecting Industrial Networks against Evolved Cyber Threats .

– Edited by Mark T. Hoske, electronic products editor, MBT www.mbtmag.com