US Cybersecurity and Infrastructure Security Agency (CISA): Guidance On The Essential Critical Infrastructure Workforce

As the Nation comes together to slow the spread of COVID-19, on March 16th the President issued updated Coronavirus Guidance for America that highlighted the importance of the critical infrastructure workforce. The Cybersecurity and Infrastructure Security Agency (CISA) executes the Secretary Read More …

NERC CIP compliance in Azure

When I did my first North American Electric Reliability Corporation—Critical Infrastructure Protection (NERC CIP) compliance project it was 2009. NERC CIP was at version 3. It was the first mandatory cybersecurity standard that the utility I was working for had Read More …

Estonia’s Elering joins ENCS to bolster EU cybersecurity

Estonia’s national Transmission System Operator (TSO) for electricity and natural gas, Elering, has become the latest member of the European Network for Cyber Security (ENCS) to strengthen the energy sector’s cyber defences. Elering is responsible for the functioning of the Read More …

Drilling Deep: A Look at Cyberattacks on the Oil and Gas Industry

Mining, transportation, refining, distribution—the oil and gas industry has a widespread and complicated production chain that can be difficult to comprehensively defend. Risks come from all sides: extreme weather can affect transportation, politics (global and local) can impact production, and Read More …

Critical Remote Code-Execution Bugs Threaten Global Power Plants

Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants are riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution. The affected product is SPPA-T3000, a distributed control system used for Read More …

The energy industry practices for a ‘black swan’ cyberattack that could take down the grid

More than 6,500 government officials and big players in the energy sector came together this week to conduct a simulated cyberattack on the electrical grid. The event is called GridEx, and takes place every two years. It imagines the U.S. Read More …