Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE)

Product Description
Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) introduces a new methodology to help critical infrastructure owners, operators and their security practitioners make demonstrable improvements in securing their most important functions and processes.
Current best practice approaches to cyber defense struggle to stop targeted attackers from creating potentially catastrophic results. From a national security perspective, it is not just the damage to the military, the economy, or essential critical infrastructure companies that is a concern. It is the cumulative, downstream effects from potential regional blackouts, military mission kills, transportation stoppages, water delivery or treatment issues, and so on. CCE is a validation that engineering first principles can be applied to the most important cybersecurity challenges and in so doing, protect organizations in ways current approaches do not. The most pressing threat is cyber-enabled sabotage, and CCE begins with the assumption that well-resourced, adaptive adversaries are already in and have been for some time, undetected and perhaps undetectable.
Chapter 1 recaps the current and near-future states of digital technologies in critical infrastructure and the implications of our near-total dependence on them. Chapters 2 and 3 describe the origins of the methodology and set the stage for the more in-depth examination that follows. Chapter 4 describes how to prepare for an engagement, and chapters 5-8 address each of the four phases. The CCE phase chapters take the reader on a more granular walkthrough of the methodology with examples from the field, phase objectives, and the steps to take in each phase. Concluding chapter 9 covers training options and looks towards a future where these concepts are scaled more broadly.
Review
"The coronavirus pandemic has demonstrated just how important digital networks are to Americans’ professional and personal lives–and hammered home the importance of preparing for worst-case scenario. The team at Idaho National Lab understands the stakes and have laid out steps we can take to protect our critical infrastructure from attacks. These clear-eyed, valuable insights should inform policymakers as we expand our efforts to increase America’s cyber capabilities."
―Angus S. King, Senator, I-Maine, and Co-Chairman of the Cyberspace Solarium Commission\n"Defending the United States’ critical control systems is one of the most pressing national security challenges of our time. The Idaho National Lab is the unquestioned leader in critical infrastructure protection and Mr. Bochman and Ms. Freeman, key players in INL’s efforts, have captured the essence and detail of the lab’s philosophy in this timely book. INL’s consequence-driven cyber-informed engineering (CCE) approach of simplifying and isolating our most critical systems to limit paths to attack is the foundation of our national efforts to secure our control systems. Anyone looking to understand the future of cybersecurity and critical infrastructure protection should start right here."
―Senator Jim Risch, Chairman of the Senate Foreign Relations Committee and member of the Intelligence and Energy & Natural Resource Committees\n"CCE-founder Mike Assante sparked my interest in cybersecurity more than a decade ago, and he helped me understand how we can better secure the operational technology underlying our daily lives. He was taken from us at far too young an age, but I am excited that his wisdom and philosophy of building security into engineering processes are captured in this book and will continue to aid our nation for years to come."
―Congressman Jim Langevin, U.S. Representative for Rhode Island's 2nd Congressional District\n"This book is an invaluable resource for the electric power industry, its complex supply-chains, and those charged with better protecting all of it. At its core, CCE is really about keeping o