03. December 2013 · Comments Off · Categories: News · Tags: , , , ,

The excellent security-mined people at the SANS Institute have produced an 8 minute video that walks you through a control systems attack.  The money they saved by using animation instead of Matt Damon or Morgan Freeman was put to good use as you’ll see. For such an esoteric subject, this is a first rate video. Continue reading →

26. November 2013 · Comments Off · Categories: News · Tags: , , , ,

The Federal Trade Commission recently hosted a public workshop examining the emerging role of connected technology – think smart refrigerators and fitness wristbands – with its ramifications for user privacy and data security. The workshop comes on the heels of the FTC’s 20-year consent order handed down to TRENDnet over the company’s “secure” webcams which, it Continue reading →

26. November 2013 · Comments Off · Categories: News · Tags: , , , ,

Despite their acknowledged importance for the security of the bulk electric system, the North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) standards can’t ensure grid security. via Smart Grid: Survey says: NERC CIP compliance not enough to guarantee grid security.

06. November 2013 · Comments Off · Categories: News · Tags: , , , ,

nCube is a smart home system that lets you tailor a money-saving solution to suit your needs. Whether you want to save on energy bills by controlling light switches, heaters and thermostats from your phone or connecting to security devices on the go, you’ll be able to control a multitude of home systems from your Continue reading →

05. November 2013 · Comments Off · Categories: News · Tags: , , , ,

The National Electric Sector Cybersecurity Organization Resource (NESCOR), a Department of Energy funded public-private partnership led by EPRI, has published three cyber security failure scenario and impact analysis documents for the electric sector, which identify threat agents; criteria, ethods and results of prioritization of failure scenarios; and an analysis of common mitigations to identify the Continue reading →

30. October 2013 · Comments Off · Categories: News · Tags: , , , ,

SMi Group proudly presents its 4th annual European Smart Grid Cyber and SCADA Security conference, taking place in London, on the 10th-11th of March 2014. Registration for the event is now open. The event now in its 4th year delivers the latest developments on how Utilities from the US and Europe are dealing with persistent Continue reading →

29. October 2013 · Comments Off · Categories: News · Tags: , , , ,

In its rush to become smart, the electric power industry has paid scant attention to the security implications, complain Richard Andres and Karl Pabst of National Defense University in a recent post. One of the key features of a smart grid — two-way communications — greatly increases access to vulnerable SCADA systems, as SGN pointed Continue reading →

28. October 2013 · Comments Off · Categories: News · Tags: , , , ,

SMi Group proudly presents its 4th annual European Smart Grid Cyber and SCADA Security conference, taking place in London, on the 10th-11th of March 2014. Registration for the event is now open. The event now in its 4th year delivers the latest developments on how Utilities from the US and Europe are dealing with persistent Continue reading →

24. October 2013 · Comments Off · Categories: News · Tags: , , , ,

Just who are you inviting into your home with that latest ‘smart’ technology purchase? Many consumer electronics companies are launching ‘smart’ versions of their appliances. TVs, washing machines, dryers,’refrigerators, ovens, and vacuum cleaners – virtually any consumer electronic device can be made smart, by being fitted with a powerful embedded computer designed to be always Continue reading →

23. October 2013 · Comments Off · Categories: News · Tags: , , , ,

Designers of smart meters can now reduce time to market, raise the bar for higher accuracy, and secure their designs with Capistrano, a smart grid reference platform from Maxim Integrated Products, Inc. (NASDAQ: MXIM). Powered by the company’s Zeus metering SoC, Capistrano protects designs with advanced cryptography, physical attack detection, and life-cycle security schemes. via Continue reading →

Although the electric power industry may fear sophisticated cyberattacks, its biggest vulnerability is its people. Utility employees are vulnerable to relatively low-tech “phishing” attacks that rely on “social engineering” to trick people into revealing sensitive information. Wikipedia defines phishing as “the act of attempting to acquire information such as usernames, passwords, and credit card details Continue reading →

During the course of this series we outlined the basis for security in Critical Infrastructure and IT networks, after which we began to contrast the differences in network types and how they require unique security management and controls. In this article, I will continue to contrast the different network types. Additionally, I’ll introduce a model Continue reading →

Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, announces that it is working with Oracle and V2COM, a leading developer of Smart Grid systems, in delivering a flexible smart energy solution. This advanced Smart Grid Platform leveraging Gemalto’s Cinterion modules with Oracle Java ME Embedded and Oracle Java SE Embedded, will help to modernize electrical power Continue reading →

17. September 2013 · Comments Off · Categories: News · Tags: , , , ,

Energy has several security-related aspects. Supply lines and increasingly interconnected critical infrastructure are frequently targeted by terrorists, computer hackers and pirates. Deployed forces need to become more energy-efficient in order to save money and reduce the environmental impact. And the growing global demand for energy and other scarce resources could lead to disputes. Last week, Continue reading →

Last week I posted on an encouraging trend I witnessed over the past 2 years: the emergence in some utilities of security governance boards comprised of security and privacy leaders, often a rep from legal or compliance, and senior stakeholders representing different business lines.  Soon after it went live, I received multiple corroborations from friends Continue reading →

I’ll oversimplify this to keep it short, but the President kicked all of this off earlier this year in the wake of failed cyber security legislation efforts in 2010 (GRID Act) and 2012 (Cybersecurity Act of 2012). via Smart Grid: First look at cybersecurity incentive ideas, companion to NIST’s Framework efforts.

28. August 2013 · Comments Off · Categories: News · Tags: , , , ,

Now we’re getting somewhere!  The long submerged topic of “who should pay” for electric utility cyber security improvements has just breached the surface and is now bobbing up and down in clear daylight. via The Smart Grid Security Blog: Motivation through Compensation: Paying Utilities to Upgrade Cyber Defenses.

16. July 2013 · Comments Off · Categories: News · Tags: , , , ,

The 28 member countries of the North Atlantic Treaty Organization are reducing the energy footprint of their defense operations as a priority, top NATO officials said this week. NATO as a military and political organization, as well as individual allies, are working with alternative energy sources and developing multinational “smart energy” projects. “A growing dependence Continue reading →

20. June 2013 · Comments Off · Categories: News · Tags: , , , ,

The U.S. National Institute of Standards and Technology has produced a set of cybersecurity guidelines, called NISTIR 7628. It’s a good start, but still has weaknesses, as reported by Phys.org. Recently, Aldar Chan and Jianying Zhou of Singapore’s A*STAR Institute for Infocomm Research have identified two key gaps. The two applied the standard to electric Continue reading →

31. May 2013 · Comments Off · Categories: News · Tags: , , , ,

For utilities, there are more smart grid startups to partner up with than ever before. But competition is fierce, and many smart grid startups face limited market shares despite putting out quality products. Cutting through the fray are the smart grid startups every utility should know about. Not only are these up-and-coming companies making headlines and cash, Continue reading →