Blog Posts Tagged with "NERC CIP"

5cbe1364caf51f95cac6484a832d66d0

The "Compliance Society"

July 23, 2012 Added by:Bob Radvanovsky

I am quickly growing weary of the fact that individuals claiming to be "cybersecurity" or "critical infrastructure" subject-matter experts (or "SMEs"), are indicating that adherence to a regulatory requirement or compliance governance means that something is "secured". Let's get one thing straight...

Comments  (5)

5cbe1364caf51f95cac6484a832d66d0

Companies Focus on Growth But Lag Behind Threats

June 20, 2012 Added by:Bob Radvanovsky

Industries that are regulated or that have to adhere to a standard feel that if they simply follow the requirements that they are secured. This is a misnomer, as adherence to a regulation, governance or compliance standard is a good start, but it does not necessarily mean that an organization is "secure"...

Comments  (0)

5106d48203954b74e6ea495e5c7f21b0

The Need for Improved Critical Infrastructure Protection

June 13, 2012 Added by:William Mcborrough

Tackling the problem of critical infrastructure protection will take concerted efforts from the public and private sectors. An appropriate governance structure is needed to avoid the inevitable over-reaction that will follow the inevitable catastrophic attack against our critical infrastructure...

Comments  (4)

8a958994958cdf24f0dc051edfe29462

Smart Grid Security, Challenges and Change

May 08, 2012 Added by:Larry Karisny

The cost and time of trying to become compliant with guidelines and standards will put smart-grid security years off before it can achieve any security solutions. There must be a way out of what people in the security business are now calling the "smart grid security circus"...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Are ICS Vendors Really to Blame for Insecure Systems?

April 27, 2012 Added by:Joe Weiss

The implication is that vendors aren’t interested in securing their legacy products. I do know that many ICS vendors supporting the electric industry are frustrated because the utilities may not be required to actually secure these systems to be NERC CIP compliant...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Are DOE and DHS Helping to Secure the Infrastructure or Not?

March 08, 2012 Added by:Joe Weiss

DOE and the utilities are in an effort to secure the Grid. Yet the utilities voted down Version 5 of the NERC CIPs. Many of the devices that have been demonstrated to be vulnerable would not be addressed by NERC. Who is responsible for protecting critical infrastructure?

Comments  (0)

69dafe8b58066478aea48f3d0f384820

AlienVault Releases SCADA SIEM for Critical Infrastructure

May 31, 2011 Added by:Headlines

"We have a solution that can address the security and compliance needs of customers in process control industries including electric power utilities, public works and oil & gas. You just cannot get that level of capability, reliability and integration with legacy IT or ICS solutions..."

Comments  (0)

39b6d5c1d3c6db11155b975f1b08059f

Debriefing: NERC CIP 011 Standards

March 31, 2011 Added by:Ron Lepofsky

The standards have been recently filed with FERC for approval for the US and with a variety of Canadian provincial authorities. To assist on CIP developments directly from the NERC site, I'm providing a navigation guide to get you directly to where you need to go...

Comments  (3)

39b6d5c1d3c6db11155b975f1b08059f

Do You Know About Heavyweight NERC CIP 011-1?

March 13, 2011 Added by:Ron Lepofsky

Electrical utilities are already challenged with the process of becoming certified for compliance with the NERC CIP standard for IT security. The NERC CIP standard is evolving, thank goodness. Perhaps you haven’t noticed the innocuous sounding proposed new standard now in the creation process...

Comments  (2)

39b6d5c1d3c6db11155b975f1b08059f

What’s the Threat? Smart Grid or Dazed Defenders

February 21, 2011 Added by:Ron Lepofsky

NERC CIP standards are written expressly for electrical utilities. If rigorously deployed they are a material step towards security. A more comprehensive set of security control within COBIT, upon which IT SOX compliance is based, should be considered for hardening the electrical grid...

Comments  (0)