PM-15: CONTACTS WITH SECURITY GROUPS AND ASSOCIATIONS

PROGRAM MANAGEMENT & INDUSTRIAL CONTROL SYSTEMS

ICS Control Baselines:
Program Management is baseline independent.

The organization establishes and institutionalizes contact with selected groups and associations within the security community:

a. To facilitate ongoing security education and training for organizational personnel;
b. To maintain currency with recommended security practices, techniques, and technologies; and
c. To share current security-related information including threats, vulnerabilities, and incidents.

SUPPLEMENTAL GUIDANCE

Ongoing contact with security groups and associations is of paramount importance in an environment of rapidly changing technologies and threats. Security groups and associations include, for example, special interest groups, forums, professional associations, news groups, and/or peer groups of security professionals in similar organizations. Organizations select groups and associations based on organizational missions/business functions. Organizations share threat, vulnerability, and incident information consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.

ICS SUPPLEMENTAL GUIDANCE

No ICS Supplemental Guidance.

SI-5 — SYSTEM AND COMMUNICATIONS PROTECTION | DENIAL OF SERVICE PROTECTION

CONTROL ENHANCEMENTS

NO CONTROL ENHANCEMENTS

REFERENCES:

NIST Special Publication 800-82 | GUIDE TO INDUSTRIAL CONTROL SYSTEMS (ICS) SECURITY