By Jack Whitsitt Since I returned from the yearly hacking & security mega-conference Defcon (and the less well known, but perhaps more interesting, Bsides Las Vegas) last month, I’ve been asked on several occasions to comment on the various control systems specific talks. The truth is, I only went to one or two. This is […]
Thoughts from a SCADA Engineer By Chris Sistrunk, PE
“Engineering isn’t about perfect solutions; it’s about doing the best you can with limited resources.” ― Randy Pausch, The Last Lecture A little background on myself, I have been an Engineer for Entergy for 10 years, 8 of which have been involved with the T&D SCADA system. I started with maintaining the SCADA master database, building operator […]
Public Utility Commission of Ohio’s Thomas Pearce on “Cybersecurity and Regulators”
As we all know, debate remains ongoing in our nation’s capital, and increasingly in state capitals around the country regarding cybersecurity. Leading the charge is the recent Executive Order along with its companion Presidential Policy Directive. Despite relative inaction in getting federal legislation signed into law, I can tell you that there is on-going and […]
A Slade Griffin Guest Blog Post: Where is the Workforce We Need?
There are multiple sources claiming that the United States has a shortage of “cyber” professionals. Assuming the term cyber equates to information security professionals, I would like to explore how an organization might go about finding the personnel they need to defend their mission. For the proper perspective, here are some headlines from the past […]
Identity and Access Management and NERC CIP Compliance: So, What’s the Problem? Part 2 of 2
By Steve Hamburg, Encari Continuing with what was addressed in part one of this two-part article, “Plain and simple: You cannot formulate an effective solution if you do not possess a sufficiently comprehensive understanding of the problem.” Version 3 of the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards poses significant identity […]
Smart Grid Security – What does success actually look like? | Josh Wepman
Anyone reading this blog post has probably asked, “What does Smart Grid security success look like?” I ask myself this question a lot, and I am constantly amazed how uncertain I am of the answer. I am also amazed at the varied answers I hear in the market. The reasons for uncertainty are pretty compelling: […]
Former DOE Chief Information Security Officer Weighs in on the Executive Order
One of the benefits of retirement is having the time to reflect on one’s career and current events. After spending many years working on cybersecurity in the US Department of Energy national laboratories, as the DOE Chief Information Security Officer, and supporting international cybersecurity efforts, I agree that the electric sector cybersecurity needs a comprehensive […]
Critical Issues in the Executive Order on Cybersecurity
By Jacob Olcott, Principal, Good Harbor Security Risk Management On February 12, during the State of the Union address, the President announced the signing of his long-awaited Executive Order (EO) on cybersecurity. For many of us who have either followed or been involved in the evolution of critical infrastructure cybersecurity policy over the last several […]
Cybersecurity Legislation ‘Circus’ – Back in Town
By Kristen Neller Verderame, founder and CEO of Pondera International Ever notice that when the circus comes to town there is a lot of excitement, flash, colors and activity – and when it leaves, all that is left are a couple of empty popcorn bags on the bare ground to be swept into the trash? OK, […]