"INL Researchers Publish Book to Prevent Cybersecurity Disruptions, Train Workforce"

Andy Bochman and Sarah Freeman, two cybersecurity researchers at Idaho National Laboratory (INL), published a new book titled "Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering." The researchers wrote the book to help train employees at public utilities to identify cybersecurity vulnerabilities and develop methods for defending their networks against cyberattacks. Their book provides details about INL's think-like-the-adversary cybersecurity approach called Consequence-driven Cyber-informed Engineering (CCE), developed to improve the security of water treatment facilities, oil and natural gas refineries, the electric grid, and other critical infrastructure systems. The researchers emphasize that much of the technology implemented to control operations at many public utilities were developed in the pre-internet era. Therefore, this technology lacks modern defense capabilities, leaving the utilities vulnerable to cyberattacks that could result in significant disruptions to services. INL's CCE method addresses this challenge through the use of engineering design principles instead of traditional protection strategies, such as intrusion detection software or firewalls, to prevent increasingly sophisticated attacks from impacting utilities' most crucial operations. This article continues to discuss the INL researchers' new book on the CCE method and the development of this method. 

INL reports "INL Researchers Publish Book to Prevent Cybersecurity Disruptions, Train Workforce"