The US Dept of Homeland Security had another reorganization. The Control Systems Security Program is now under the National Cybersecurity and Communications Integration Center (NCIC).
This was new to me, Justin Searle of UtiliSec has a two-day course Pentesting Smart Grid and SCADA. He is teaching it at Black Hat Abu Dhabi. There is a growing, rich set of ICS security training opportunities.
A Federal News Radio poll asked participants for the top US Government cybersecurity accomplishments from 2006 to present. In many ways the list is underwhelming, but a number of countries are trying to emulate the US effort particularly with things like a national SCADA testbed and ICS security training.
Experts went back and forth this week on who was behind the Aramco attack. Bloomberg argues against Iran and for a lone perpetrator.
More news on the Wurldtech certification front, Siemens Smart Grid Division received Achilles Practice Certification. This is the cert that originated from Wurldtech/Shell/WIB effort.
The critical infrastructure cyber security track at the IPA Forum in Tokyo drew a capacity crowd of ~300 people. They actually had to turn people away. With the push by METI, ICS security efforts and interest in Japan have jumped up a big step. It was actually exciting to be there, like the early days of PCSF.
Tweet of the Week
[blackbirdpie id=”261593784641540097 “]
Worth Reading Articles
- Brian Krebs’ Service Sells Access to Fortune 500 Firms DP note – more evidence that your corporate network is compromised
Critical Intelligence’s ICS Security Event Calendar Updates
Nothing new this week
Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.
Image by addedentry