The next Town Hall Meeting will be held in Denver, Colorado as part of the EnergySec 9th Annual Security Summit. This will be the 6th Town Hall meeting in our on-going series of electric sector cybersecurity moderated discussions. Be sure to put this meeting on your calendar! It’s certain to be another great conversation [...]
Recent News Subscribe
Power companies present cybersecurity gaps | USA Today
The U.S. militarys top cybercommander said some of the nations utility companies have lagged in investing in network security, raising concerns about the vulnerability of the nations critical infrastructure. “The power industry has a wide scale, from companies that are very good to companies that need a lot of work and a lot of help,” [...]
“Lazy” humans playing into critical infrastructure hackers’ hands | CSO
Critical infrastructure operators remain vulnerable to attack from hackers whose motivations have matured from the “pretty juvenile” wanton vandalism of the 1990s to the aggressive, targeted and financially-motivated cyber war being waged online today, a one-time senior security advisor to the US president has warned. Noting the popularity of early website defacement and DDoS attacks [...]
Can Congress Protect the Nation’s Critical Infrastructure? | PCWorld
The nation’s critical infrastructure is at risk – a well-executed cyber attack could have a potentially devastating effect. Congress is trying to patch some of the holes with legislation, but a recent survey found that most security experts have little faith that government regulation can do the trick. Sensational attacks against the critical infrastructure make [...]
A Slade Griffin Guest Blog Post: Where is the Workforce We Need?
There are multiple sources claiming that the United States has a shortage of “cyber” professionals. Assuming the term cyber equates to information security professionals, I would like to explore how an organization might go about finding the personnel they need to defend their mission. For the proper perspective, here are some headlines from the past [...]
Tom Alrich’s Blog: Asset Identification in CIP Version 5
“A funny thing happened on the way to this blog post. After FERC’s NOPR on April 18, I decided I should do a series of blog posts that really tear into the details of CIP Version 5 – since very few people other than the SDT members can probably give you a good accounting of [...]
Identity and Access Management and NERC CIP Compliance: So, What’s the Problem? Part 2 of 2
By Steve Hamburg, Encari Continuing with what was addressed in part one of this two-part article, “[Plain and simple: You cannot formulate an effective solution if you do not possess a sufficiently comprehensive understanding of the problem.”] Version 3 of the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards poses significant identity [...]
