SMRP's vice chair on conversations with Congress

HP: We come across three groups of infrastructure and education and cyber infrastructure and two representatives, including trades and learning. Even at the two meetings where we were waiting to talk about infrastructure and education, we were asked for our opinion on cybersecurity in relation to IO / IIoT and commercial / industrial communications. We have met with key members of majority and minority National Security committees on the security of communications devices and the IO / IIoT and Web-based cloud. These meetings were directly related to our work on infrastructure, including the network, municipalities and related systems. Both organizations have approached SMRP to advise in these areas.

One area that has been tackled repeatedly was the threat of pirates and criminals in black hat IO / IIoT devices, smart devices and Web systems, especially those used by maintenance organizations. At present, there is no system or method to check the reliability of the IO / IIoT and cloud based systems. With Media SC (Arbor Study, World Report on Road Safety 2017 Infrastructure) they include an increase in attacks of more than 7900% since the beginning of the report in 2005, reaching 68% from 2016 and 43% of data centers and Cloud providers to interruptions due to device IO attacks - exploited the issue has an impact on our industries. Criminals often target devices and systems in question and are looking for IO with known firmware problems that can be exploited, and most of these systems are related to physical asset management.

We also met the office of Congresswoman Sheila Jackson Lee (D-TX) to discuss the Scout Law that SMRP helped draft. This legislation addresses a specific weakness of the cybernetic resilience of public utilities in which public utilities are not presently assumed to address cyber security issues and issues such as usable devices and provide space for information exchange to strengthen our defenses . The Law will be on the table of discussion and vote this year.

We will continue to hold meetings to deepen SMRP's desire to create a comprehensive study on the impact of cyber security on commercial and industrial infrastructure of IO / IIoT, cloud and communication throughout the current year. In addition, SMRP looks for ways to educate the community of maintenance, reliability, and physical asset management on the potential impact of cyberattacks and how to avoid, or at least reduce. As has been pointed out by all cybersecurity professionals: "It is not whether you will be influenced by a successful attack, but when."

PS: The cyber security issue that helps to attract the attention of committees, given the special attention that the subject and others (large volumes of data, digital processing) that takes place recently in the press industry?

HP: Large data, digital processing and several of the systems we use to maintain our systems are of great concern to the politicians we meet. At the moment there are very few rules, limited knowledge or attention and major attacks against these black hacking systems. All you need is an administrator using a weak password or accidental or deliberate opening left by someone. This is one of the areas where () we were asked to lend our experience.

PS: What are your goals when working specifically with OSHA?

HP: SMRP development of a partnership with OSHA, which includes the creation of specific inputs and equipment for the SMRP member industry. A safe workplace is a reliable place to work, and we have noted a significant interest from members and officials when the SMRP discussed OSHA. SMRP continue in this direction and will provide support for OSHA's comments, that these articles have an impact on our industry.

It is important to understand that SMRP did not refer to these committees and decision makers with a specific program that we want them to address. We come closer to hearing that "we are SMRP and we are here to help."