FTC Ruling Puts ICS Firms on Alert

By Gregory Hale, Writer | John Cusimano, aeSolutions Contributor | Published: August 26, 2015 ISS Source.com

An appellate court Monday ruled the Federal Trade Commission (FTC) has the legal right to sue companies that fail to protect their customers’ data with proper cyber security measures.

While the ruling was the result of a legal complaint and lawsuit by the FTC against Wyndham Hotels for failing to protect customer details, the affects could end up felt in the manufacturing automation sector along with other industries where companies blatantly ignore security safeguards.

This decision from the Third U.S. Circuit Court of Appeals is a legal confirmation of the FTC’s power over cyber security issues, and not “government overreach” as Wyndham claimed.

Wyndham holdings suffered hacks three times in two years and the company failed to put security measures in place after each incident.

“I think this will be seen and acted upon by the corporate sector first, but I think it will eventually move into the ICS (Industrial Control System) space,” said Graham Speake, vice president and chief product architect at NexDefense, Inc. “I am seeing more and more companies actually performing assessments of the ICS environment. While some of this is due to NERC CIP and NRC regulation, I am seeing more and more companies using the NIST framework as…

Read Full Article: FTC Ruling Puts ICS Firms on Alert