The Industrial Control System Community of Interest (ICS COI) is a UK community where knowledge of cyber security (and related safety information) can be exchanged to benefit the wellbeing of the UK. And it is the Community aspect that is the key in this new initiative.
The community recognises the benefit in creating a network that’s open to all organisations that have a vested interest in the improvement of ICS security and safety. This includes UK-based ICS operators, asset owners, security researchers, vendors, regulators, integrators, the UK government and academia.
Joining the group provides the following benefits:
The ICS COI is managed by the Steering Group who agree membership, set direction, and foster wider collaboration on behalf of the COI with existing ICS-related groups. To ensure an even representation of those within the wider ICS COI, members of the Steering Group are drawn from NCSC, industry asset owners, ICS vendors and security researchers, local government departments and academia.
Current work within the COI includes The Workbook, a ‘living document’ that identifies common cyber security issues across the ICS community. We are currently progressing 12 workstreams within The Workbook, which cover key issues including, insider threat, supply chain, GPS, and crypt/secure communication.
Although the ICS COI has over 400 members with good representation from most sectors, we are always on the lookout for new members from across all sectors.
You need to be a member of the ICS COI to be able to contribute to the latest security and safety-related discussions, or to participate in Expert Groups.
To apply to become a member please click here
Steering Group Members
The ICS COI is managed by a Steering Group who agree membership, set direction, and foster wider collaboration on behalf of the COI with existing ICS-related groups.
The Steering Group also includes several NCSC Staff who fulfil multiple roles, including Government Chair.
Industry Members
Marie Caruso, Arcanum Cyber & NCSC i100 (SG Chair)
Colin Topping, Ginger Cat Cyber Security NCSC i100 (Industry Chair)
Paul Hingley, Siemens (Industry Deputy Chair)
Jonathan Evans, NCSC i100 (Secretariat)
Tony Burton, Thales
Jennifer Glaister, Drax
Ian Henderson, BP
Josie Houghton, Rolls-Royce
Paul Lee, National Gas
Philip Litherland, National Grid
Victor Lough, Schneider Electric
Matthew Morgan, Jacobs Engineering
Matt Shreeve, Nuclear Decommissioning Authority
John Speakman, Rockwell Automation
Academic Members
Chris Hankin, Imperial College London (Academic Deputy Chair)
Awais Rashid, Bristol University
Pete Burnap, Cardiff University
Government Members
Chris Johnson, Dept for Science, Innovation and Technology
Current ICS COI Members
Membership is drawn from NCSC, industry asset owners, ICS vendors and security researchers, local government departments and academia. These operate across a wide variety of sectors as shown in the below breakdown.
Total number of members: 400
ICS COI Events
Members of the ICS COI gain access to Lunch and Learn webinars (lasting 1.5 hours) and Quarterly themed events (lasting 3 hours).
Recent events have been on the subjects of Threat posed by OSINT, Secure backup and Recovery in OT, Zero Trust in OT and OT Cyber Security Strategy.
The following Lunch and Learn sessions are planned (usually scheduled 13:00 – 14:30):
9th October 2024 – Pen Testing vs Vulnerability Research
13th November 2024 – Research in CNI
27th November 2024 – Role of the Lead Government Department (LGD)
11th December 2024 – Regulatory Funding Cycles
15th January 2025 – ICS/OT Threat Briefs
12th February 2025 – Secure by Design in OT
The following Quarterly events are planned (usually scheduled from 10:00 – 13:00):
Autumn Quarterly – 6th November 2024
To attend these events, you must be a member of the ICS COI. To apply to become a member please click here.
Expert Groups
There are a number of Expert Groups focused on elements of OT cyber security that have been deemed a high priority for the community.
Members of the ICS COI form Expert Groups who come together to provide expert input, using experience, knowledge and skills. Members join as individuals (rather than corporates), bringing their own personal cyber security expertise. There are a number of active Expert Groups including:
How to Join an Expert Group:
If you would like to join an Expert Group, there is a 2 Stage process:
Stage 1 – You must be an existing member of the ICS COI community to join an Expert Group.
If you are not already a member of ICS COI, then please complete this Application Form.
The application process requires you to provide a short bio outlining your ICS and OT related experience. It will take up to 4 weeks for the necessary membership approval from the ICS COI Steering Group.
Stage 2 – When you have been accepted as a member of the ICS COI you will be able to apply to join an Expert Group using the following forms:
- Supply Chain Expert Group (SCEG) – SCEG Application Form
- Monitoring & Logging Expert Group (MLEG) – MLEG Application Form
- Boundary Expert Group (BEG) – BEG Application Form
- Security Testing Expert Group (STEG) – STEG Application Form
- Vulnerability Management Expert Group (VMEG) – VMEG Application Form
- Identity and Access Management Expert Group (IDAMEG) – IDAM Application Form
It will take up to 4 weeks for your Expert Group application to be assessed and approved by the ICS COI Steering Group.
Downloads & Guidance
The following ICS/OT guidance has been developed by the ICS COI members in co-ordination with NCSC.
The NCSC website also provides additional advice, guidance and other content aimed specifically at those with an interest in UK Critical National Infrastructure.
Want to become a Member of the ICS COI?
Although the ICS COI has over 400 members with good representation, we are always on the lookout for new members from all sectors.
As a member of the ICS COI you will have access to, and participation in, sharing knowledge, expertise and experience within a trusted ICS Security community.
There are also opportunities to work on some large, cross sector ICS issues identified by existing groups or generated by the ICS COI Steering Group; contributing to building and maintaining ICS Security (and safety related) expertise within the UK.
To apply to become a member please click here.
To contact the ICS COI team please email icscoi@ncsc.gov.uk