ENISA Calls For New ICS/SCADA Cybersecurity Certification Programs

The European Union Agency for Network and Information Security (ENISA) has published a new study on the challenges of developing certification schemes for cybersecurity professionals in the field of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA).

ICS/SCADA systems are increasingly targeted by malicious actors. A perfect example is the BlackEnergy2 threat group that has targeted numerous organizations in the energy sector. The group has been spotted attempting to deliver malware in ICS environments by leveraging vulnerabilities in Siemens products.

ENISA has pointed out that securing ICS/SCADA systems requires knowledge of operational technology (OT), information technology (IT), and cyber security. What makes this task even more challenging is the fact that industrial systems are used in a wide range of sectors, such as energy, automation, oil and gas, chemical, manufacturing, and pharmaceutical. While all of these sectors use similar physical systems, there are significant differences in their processes and operational procedures.

Avoiding commercial interests that can impact credibility, obtaining support from stakeholders, ensuring that future certifications will be improved compared to existing ones, and exploring the professional roles of ICS/SCADA experts are also on the list of challenges identified in the report.

ENISA has identified several certification schemes specific to ICS/SCADA cybersecurity, such as the International Society of Automation’s ISA 99/IEC 62443 Cyber Security Certificate Program, the SANS Global Industrial Cyber Security Professional certification (GICSP), and the Certified ICS/SCADA Security Architect (CSSA) certification from the Information Assurance Certification Review Board.

Current certifications have a theoretical approach and the EU agency believes a practical aspect should be included in future programs. However, including a practical component can be challenging because ICS operations usually need to be executed continuously, which makes it difficult to put knowledge into practice on production systems.

Only a limited number of ICS/SCADA cybersecurity training programs are currently on offer. The list of organizations that provide such courses includes ICS-CERT, CCI-ES, ENCS, Firebrand, InfoSecure, TSTC, Deloitte, and SCADAHacker.

A survey conducted by ENISA has revealed that only 55% of ICS/SCADA experts are aware of existing certification schemes. While three quarters of respondents are considering getting certified, only one third of them have obtained or are in the process of obtaining a cybersecurity certificate.

Interviewed experts believe existing certifications should be used as a foundation for building comprehensive European certification schemes.

ENISA has provided a series of recommendations for the public and private sectors in the EU regarding the development of future ICS/SCADA cybersecurity certifications. The recommendations include creating a steering committee to evaluate the criteria for reviewing and assessing current and future certifications, developing simulation environments for practical training, and creating a framework to define the main features and contents of future schemes.

“ICS/SCADA cyber security is at the core of many industrial processes and a growing field which will present commercial and industrial opportunities. Specialised schemes certifying the skills of cyber security experts working on ICS/SCADA would be advantageous to industry sectors and sub-sectors, and important in ensuring the level of cyber security across Europe,” noted Prof. Udo Helmbrecht, the executive director of ENISA.

The complete study, Certification of Cyber Security skills of ICS/SCADA professionals, is available online.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
