products:

Sorry,

there are no posts to show...


Helpful Resources

News:

On July 21, 2016, the North American Electric Regulatory Commission (NERC) was given a directive to develop new risk management standards aimed at addressing risks to the information systems in the supply chain of electric system assets. The new standards will cover risks related to remote vendor access, software integrity and authenticity, vendor risk management, procurement controls, and more.

The Federal Energy Regulatory Commission (FERC) issued the new directive to NERC and they also issued a Notice of Inquiry (NOI) to collect input from the public about the protection of highly-sensitive control centers that monitor and control the bulk electric system in real-time. This NOI showed particular interest in remote vendor access and application whitelisting and referred to the recent successful attack on the Ukraine power grid as an example of the risks that need to be addressed in the current Critical Infrastructure Protection (CIP) standards.

Advanced malware has been increasingly threatening  Industrial Control Systems (ICS) in the energy industry in several recent incidents, including the well-studied Ukraine power grid attack and a recent attack on the Gundremmingen nuclear power plant. A highly-destructive type of malware known as ransomware has also recently impacted facilities like the Lansing Board of Water and Light (BWL) in Michigan.

Ransomware is a particularly dangerous and relatively new threat to ICS systems. A report from The Institute for Critical Infrastructure Technology (ICIT) emphasizes the risk: “if a SCADA or ICS system in an energy, utilities or manufacturing organization becomes infected with ransomware, then lives could be jeopardized in the time it takes to investigate the incident and return the systems to operation.” The report identifies endpoint security solutions as essential to preventing ransomware attacks, stating, “without adequate investment in bleeding-edge endpoint security solutions, ransomware will likely cause more significant harm much sooner.”

Learn more about how to prevent ransomware attacks with endpoint security.

Both of the new initiatives to continue to develop the NERC-CIP standards and to gain valuable insight from experts in the industry are important steps in securing the systems that monitor and control the generation and transmission of North America’s power. Improving security standards for the communications that connect the system-critical power control centers to the outside world is crucial to reducing the ICS attack surface and mitigating future attacks on the power grid.

Industry experts are encouraged to submit comments to the FERC and support this initiative by reading the NOI here.
Subscribe to CyberSheath’s blog for future important updates on NERC-CIP risks and solutions from our security professionals working in NERC-CIP regulated industries.

FAQs:

Cybersheath Blog

3 Reasons Why You Need a Privileged Access Risk Assessment

A privileged account is one used by administrators to log in to servers, networks, firewalls, databases, applications, cloud services and other systems used by your organization. These accounts give enhanced permissions that allow the privileged user to access sensitive data or modify key system functions, among other things. You can…

Incident Response – Learning the Lesson of Lessons Learned

“Those who do not learn from history are condemned to repeat it.” Over the years, variations of this famous quote have been spoken by everyone from philosophers to world leaders. The message — that we must learn from our mistakes or continue to repeat them — is also highly relevant…

What is DFARS 252.204-7012 and NIST SP 800-171?

With the Department of Defense (DoD) promising the release of an update to NIST Special Publication 800-171, it is imperative defense contractors understand what DFARS 252.204-7012 and NIST SP 800-171 Clause is and how noncompliance with the Clause will impact their business.  Compliance is mandatory for contractors doing business with…

Our Trusted Partners

Cyberark McAfee Thycotic RSA Tenable Alien Vault Alert Logic Trace Security