For years, organizations have turned to security events and logs, aka machine data, to meet compliance requirements for regulations and mandates such as PCI, HIPAA, FISMA, GLBA, NERC, ISO, COSO, and the EU Data Directive. These compliance requirements typically include security event logging and retention, threat detection and alerting, and incident review and response. Additionally, organizations must measure the effectiveness of the many technical controls required by these regulations and mandates.In the past, organizations have turned to traditional Security Information and Event Management (SIEM) software to meet these requirements. SIEMs centrally collect event and log data from security devices. In turn, these logs can be harnessed for cross-data source correlations and rules to detect threats, after-the-fact incident investigations and response, and for compliance reporting.
If your business is considering IoT, cloud and device security are likely top of mind. At Microsoft, our support for industry standards is straightforward and transparent: We’ve shared our best practices here on this blog. Our dedicated support for our customers is also an open book, which is why we’re sharing some of the common questions we receive on how security and compliance work specifically for Azure IoT technology. Here are some of the common questions we hear on how we engineer for IoT security:
At European Utility Week in Vienna, Austria, the Powerline Intelligent Metering Evolution (PRIME) Alliance this week confirmed development of an automated certification tool for research laboratories including DNV GL, ITE and Technalia.In a press statement, PRIME Alliance said using an existing set of test cases for certification and compliance testing for service and base nodes.
The OpenADR Alliance, a nonprofit corporation supporting the development, adoption and compliance of the Open Automated Demand Response (OpenADR) smart grid standard, says there are now more than 50 certified products conforming to the 2.0a and 2.0b Profile Specifications.
Energy management and procurement firm Texzon Utilities has received OpenADR 2.0b certification of its automated demand response (ADR) controller from the OpenADR Alliance, a nonprofit corporation created to foster the development and adoption of and compliance with the OpenADR smart grid standard.
Today, ecobee, makers of the world’s first smart thermostat, announced it has received OpenADR 2.0b certification from the OpenADR Alliance, a nonprofit corporation created to foster the development, adoption, and compliance of the OpenADR smart grid standard. ecobee is the first company to have a 2.0b certified thermostat which provides standard-based communication between utilities and its customers to help improve energy savings and ease of participation in demand response (DR) programs.
With the NERC CIP Version 5 compliance dates on the horizon, there is no better time to focus your attention toward improving your internal compliance program. Utilities have had several years to implement Version 1 through 3 of the NERC CIP standards, and along the way there have been significant efforts made to build these programs where, in many cases, none existed before.
Despite their acknowledged importance for the security of the bulk electric system, the North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) standards can’t ensure grid security.
Last week I posted on an encouraging trend I witnessed over the past 2 years: the emergence in some utilities of security governance boards comprised of security and privacy leaders, often a rep from legal or compliance, and senior stakeholders representing different business lines. Soon after it went live, I received multiple corroborations from friends in the field who have seen the same thing in their patches. This is all goodness.
A unique confluence of challenging and revolutionary factors is occurring in the normally steady and predictable utility industry. Electricity demand plateaued in 2007 after years of stable growth and it may stay flat for several years to come. Increased energy efficiency from both the private sector and state/federal directives, more stringent environmental compliance regulations, planned retirements of coal-fired power plants and the substantial increase in the availability of relatively affordable domestic natural gas have uniquely coalesced at roughly the same time.