Skip NERC CIP version 4 and go straight to version 5

On April 18th, 2013 FERC held a meeting in which it heard from NERC regarding the proposed Critical Infrastructure Protection version 5 standards. The committee voted to skip version 4 and move straight to version 5, and the recently issued Presidential executive order on critical infrastructure cyber security appeared to largely be the driving force behind the rapid movement. Some of the major changes for version 5 include: New risk-based tiered classification system for cyber assets: High, Me

Cyber attackers move to target critical infrastructure system suppliers

This week’s news identifies a cyber-attack perpetrated against a key supplier of automation system technologies used in multiple critical infrastructure sectors. This latest news underscores the sophistication and the targeted nature of the attacks on critical infrastructure, as well as suppliers. It is representative of the determination and malicious intent of those intending to undermine global critical infrastructure. With DHS ICS CERT investigating 400% more incidents last year, it’s

ICSJWG – Key Takeaways

If you attended the recent ICSJWG Spring 2012 conference, you likely attended the panel that Industrial Defender organized entitled “Key Takeaways from S4 and Project Basecamp.” Moderated by Bob Lockhart from Pike Research, the members of the panel included: Markus Braendle, ABB; Robert McComber, Telvent/Schneider; Graham Speake, Yokogawa; Brad Hegrat, Rockwell/Allen-Bradley; Jonathan Pollet, Red Tiger Security; Jacob Kitchel, Industrial Defender. There were a lot of good questions, strong opin

After Thoughts on ICSJWG

As you may know, Industrial Defender spent the last few days down in sunny Savannah, Georgia at the Industrial Control Systems Joint Working Group Spring Conference. For your reference, the Department of Homeland Security established the ICSJWG to facilitate information sharing and reduce the risk to the nation’s industrial control systems. At this conference, Industrial Defender organized and participated in a panel session entitled Key Take-Aways from S4 and Project Basecamp. This sessio

Log Management and Auditing from ICS CERT

For those of you concerned with Industrial Control System (ICS) Security, the DHS ICS-CERT is an invaluable resource. In their most recent ICS CERT Newsletter (p2) the Situational Awareness section focuses on failures and fixes for logging and event monitoring. “ICS CERT found that ineffective auditing and logging was one of the most consistent technical issues/obstacles encountered when responding to onsite incident visits.” The lessons learned this from the folks that provide i

Weighing in on the Effect of Stuxnet

Nearly two years after Stuxnet, cyber security experts are still wary of the effect this worm had on the safety of the nation’s critical infrastructure. The dialogue among experts in the industrial cyber security industry has switched from only operators talking about it to company executives now getting involved. The discussion is now focusing on developing a more unified approach to security. Automation World turned to security experts to identify the changing conversations within the cyber

Security Basics: Network Segmentation

I recently attended a DHS/US-CERT “Introduction to Industrial Control Systems Cybersecurity” course and was disappointed that there was not more time devoted to mitigation. One of the topics glossed over in the mitigation section of the course was network segmentation, especially the separation of enterprise / business networks from plant and control networks. Now, Industrial Defender field personnel tell me that pretty much every site they visit is already doing plant / enterprise n