Gene Kim on Practical Steps to Achieve and Maintain NERC Compliance
The post Gene Kim on Practical Steps to Achieve and Maintain NERC Compliance appeared first on The State of Security.
View ArticleU.S. Dam Data Breach and NERC CIP Standards
The post U.S. Dam Data Breach and NERC CIP Standards appeared first on The State of Security.
View ArticlePassing NERC CIP Audits via Automation
The post Passing NERC CIP Audits via Automation appeared first on The State of Security.
View ArticleNERC CIP: It Gets Worse Before it Gets Better
The post NERC CIP: It Gets Worse Before it Gets Better appeared first on The State of Security.
View ArticleNERC CIP Version 5: One Giant Leap
The post NERC CIP Version 5: One Giant Leap appeared first on The State of Security.
View ArticleThe Top Five NERC CIP Audit Fails
The post The Top Five NERC CIP Audit Fails appeared first on The State of Security.
View ArticlePower Grid Security Vulnerabilities Call on Utility Companies to Unite Together
Earlier this month, an explosion at a power station in Maryland caused outages at the White House, the Capital, and the State Department. The service interruption, which affected between 10,000 and...
View ArticleNERC CIP Audits: Top 10 Common Mistakes
I spent quite a while on the road while working at NERC for about seven years. I believe at one point I had over 130+ nights stayed during a single year. One of the many roles I had while at NERC was...
View ArticleHello There, NERC CIPv6
Thanks to FERC’s Order 822, NERC CIPv6 has been approved. That means that the seven updated standards proposed by NERC for inclusion have been accepted. First, there seems to be a lot of confusion (or...
View ArticleThe Change Management and Baselines Challenge in NERC CIP
In the last year, change management has been one of the top challenges customers want to solve. The problem is complex, and integration is essential to producing a sustainable solution. There are...
View ArticleSecurity Event Monitoring and NERC CIP
I work daily with organizations regulated by NERC CIP, and it always helps to place things into perspective. One of those challenges is security event monitoring. Security event monitoring involves the...
View ArticleBaselines and Security Patches – A Tough NERC CIP Challenge
There are roughly 200 requirements and sub-requirements in NERC CIP, and to satisfy each one requires performance-based compliance evidence that produces the comprehensive documentation that proves...
View ArticleSurvey: Most Energy IT Professionals Not Confident in Ability to Detect All...
Earlier this year, Tripwire asked 200 security professionals at RSA about their organizations’ ability to protect against ransomware infections. The results were less than promising. A majority (58...
View ArticleSoftware Monitoring for NERC CIP: What, Why and How – Part 1
The momentous NERC CIP v5 deadline of July 1 is now behind us. Considerable work has been done by all NERC registered entities, but there is still considerable work ahead. Some entities are still...
View ArticleSoftware Monitoring for NERC CIP – What, Why and How – Part 2
In Part 1 of this series, I walked through the background of the NERC CIP v5 controls and outlined what needs to be monitored for NERC CIP software requirements. In this final part of the series, we...
View ArticleGene Kim on Practical Steps to Achieve and Maintain NERC Compliance
The Federal Energy Regulatory Commission (FERC) approved the Security and Reliability Standards proposed by North American Electric Reliability Corporation (NERC) back in 2006, making the Critical...
View ArticleU.S. Dam Data Breach and NERC CIP Standards
United States intelligence agencies have uncovered a data breach that targeted and compromised the U.S. Army Corps of Engineers’ National Inventory of Dams (NID) starting back in January. The database...
View ArticlePassing NERC CIP Audits via Automation
This presentation will provide attendees with the keys to achieving and maintaining NERC CIP compliance using Tripwire solutions. Jeff Simon, Tripwire Director of Services Solutions, and Jason Iler,...
View ArticleNERC CIP: It Gets Worse Before it Gets Better
A recent report issued by ICS-CERT indicated that attacks against energy related assets have increased as much as 380% since 2010, putting a great deal of pressure on the energy sector to bolster NERC...
View ArticleNERC CIP Version 5: One Giant Leap
Bolstering security for networks that govern critical infrastructure has been one of the nation’s highest priorities for several years, and key to this effort is the continued development of workable...
View Article
More Pages to Explore .....