So you’ve decided to start a quarterly or bi-annual patch program. You may find yourself thinking: “Do I really need to patch *everything*? What are the highest-priority patches that I need to apply for the best risk reduction?” The good news...
The ISA99 Committee created a web page with all the work product in process and links to all of the draft documents. This is fantastic and part of their increased effort to get more people aware of and involved in their activities. Today there are 13 draft documents...
Guest author Andrew Ginter is the Director of Industrial Security at Waterfall Security Solutions, the makers of hardware-enforced unidirectional security gateways. The popular press cites an “alarming” statistic from time to time – the...
ICS-CERT made a fistful of updates yesterday. One of them is over a bag of bugs^Wsecurity concerns first revealed by yours truly. This update is a bit odd for a few reasons. Here is my summary of how it relates to my disclosure: the passwords disclosed by me...
Adding new security systems and making updates to the control system in the name of cyber security tends to have a ripple effect. Operational processes that were once nearly bulletproof have new or unknown steps, recovery efforts that were previously successful...
Guest author Darren Highfill is the Founder and a Managing Partner of UtiliSec, a consultancy focused on electric power cyber security. Darren has been at the forefront of efforts to secure the smart grid since long before the phrase was coined. Clouds. They...
The US Securities and Exchange Commission (SEC) is starting to crack down on cyber incident and cyber risk disclosures. They recently sent letters to six companies, including Eastman Chemical, asking for more information. This is the type of activity that gets C-level...
The good security practice for getting security updates to an ICS is well understood. A server on the SCADA or DCS network pulls the security updates from the ICS DMZ. The ICS DMZ pulls them from the corporate network, which pulls them from the Internet. You will see...
On July 30th, 2012, the northern region of India had its worst blackout in history, and then again the next day. By number of customers affected, it dwarfed the 2003 Northeast Blackout by ~570 million people. In response, the Indian government created a four-person...
Saudi Aramco admitted that about 30,000 computers had been infected with malware known as Shamoon. They were quick to point out that “its primary enterprise systems of hydrocarbon exploration and production were unaffected as they operate on isolated network...