30 January 2003
IBM joins cyber-sleuths
Somers, N.Y. – The Chemicals Sector Cyber-Security Information Sharing Forum today announced that IBM will help it to speed development and execution of industry benchmarks for cyber-security. The Forum's work with IBM will enable further implementation of two components of the Forum's Chemicals Sector Cyber-Security Program – establishing sector practices and standards and encouraging acceleration of improved security technology and solutions development.
Through its Cyber-Security Program, the Forum is charged with evaluating the wide variety of recommendations and tools that exist today to determine a common industry standard to help achieve the complex task of enhancing cyber-security for intellectual properties while simultaneously enabling broad-based multinational collaboration. The Forum consists of 10 chemical industry trade associations representing more than 2,000 chemical companies, each with unique needs based on their size and the systems they employ.
"In helping the Forum craft these important security standards, IBM is leveraging a substantial body of knowledge acquired during years of working with the chemical industry," said Rusine Mitchell-Sinclair, general manager of IBM Safety and Security Services. "Together, we will develop benchmarks that will help raise the security of the industry's vital information and manufacturing control systems."
IBM's Safety and Security practice will help the Forum by working with the Chemical Industry Data Exchange (CIDXTM) to establish an initial chemical industry benchmark, as part of the newly formed CIDX Cyber-Security Practices, Standards and Technology Initiative. The CIDX initiative is responsible for implementing the Standards and Practices component of the Chemicals Sector Cyber-Security Program.
The Program has endorsed the ISO/IEC International Standard 17799 as voluntary guidance for companies in the industry to follow in devising risk-based cyber-security plans for their organizations. ISO 17799 will be the framework for establishing cyber-security management practices for Program participants. IBM will act as a consultant to help the companies participating in this initial benchmarking to assess themselves against the standard. The self-assessments will provide the basis to establish benchmarks by which cyber-security practices can be measured within the industry.
"We anticipate more than 20 chemical companies will participate in assessing themselves against the ISO 17799 standard in this first round, which will provide us with a look at the level of cyber-security in the industry today. It will also give us a foundation upon which we can build our cyber-security practices in the future," said Patricia B. Simmons, Executive Director of CIDX.
"The expertise IBM brings to the Program will enable us to efficiently and cost-effectively improve our practices and set the standard for cyber-security in the chemical industry," said Christine Adams, Program Manager, Chemicals Sector Cyber-Security Program.
The Chemicals Sector Cyber-Security Information Sharing Forum, a group of industry trade organizations committed to the continued enhancement of cyber security within the industry, was created to implement a cyber-security program focused on risk management and reduction to provide open, secure information and process control systems. The Chemicals Sector Cyber-Security Program includes five key initiatives: fostering involvement and commitment across the sector; establishing a program to advocate the establishment of sector practices and policies; establishing sector practices and standards; establishing an information sharing network; and encouraging acceleration of improved security technology and solutions development.
For more information visit the CIDX Web site at http://www.cidx.org/ .
Return to Previous Page