Archive | NCSAM RSS feed for this section

2012 NCSAM Tip #31

Hardening the operating system is a common practice that should be addressed; however, do not forget to harden the hardware as well. Consider using strong bios passwords, removing or disabling all unnecessary external I/O ports, implementing computer chassis locks, and deploying RJ45 tamper resistant solutions. These options can be very important in helping provide additional […]

Read More 0 Comments

2012 NCSAM Tip #30

Take time to draft security policies that make business sense. Pay particular attention to each security policy statement focusing on how the policy would work within the environment it is intended to govern. This is extremely important in control system environments because the implementation of a poorly considered security policy could result in a negative impact on […]

Read More 0 Comments

2012 NCSAM Tip #29

Ensure published case studies, regulatory filings, conference materials, websites, blogs and other public information sources do not include sensitive information about your critical infrastructures. For more information about what sensitive information should be protected, read pages 4 and 5 of this National Association of Regulatory Utility Commissioners (NARUC) publication titled “Information Sharing Practices in Regulated Critical Infrastructure […]

Read More 0 Comments

2012 NCSAM Tip #28

Executive buy-in is essential in building a strong security program. We often hear the mantra about the “tone from the top”. But how does one go about obtaining the executive sponsorship that is so critical to the success of any organizational security discipline? First of all, be consistent and persistent. Consistently provide updates about the […]

Read More 0 Comments

2012 NCSAM Tip #27

Most security practitioners have heard the phrase, “security by obscurity” at least a few times in their career. Perhaps, even ad nauseam.  The phrase essentially means that a perception of security exists based solely on the environment or system being unknown or not understood by the many. In other words, it is obscure therefore it is inherently secure. That […]

Read More 0 Comments

2012 NCSAM Tip #26

Database security is often a forgotten task. Many systems in the electric sector provide a means for an organization to utilize a variety of database platforms. Regardless if it is Oracle, MS-SQL, MySql or PostgreSQL serving the historian or energy management system or other control system, there is a need to address the database’s security configuration. The […]

Read More 2 Comments

2012 NCSAM Tip #25

Although one might argue that passwords are no longer adequate, industrial control system environments still rely on them as part of an overall defense-in-depth security practice. Be sure to proactively seek out bad password disciplines and implement corrective action. Assure that the control systems in your environment are configured to utilize password controls (if available) […]

Read More 0 Comments

2012 NCSAM Tip #24

In the event of a cybersecurity incident, taking forensic-minded handling precautions are essential. As documented by Department of Homeland Security (DHS)’s National Cyber Security Division Control Systems Security Program in its “Creating Cyber Forensics Plans for Control Systems” recommended practices, being prepared with a cyber forensic plan specific to control environments is required. In this document it is recommend […]

Read More 0 Comments

2012 NCSAM Tip #23

As has been mentioned in several NESCO NCSAM tips, knowing the business is an important aspect of being able to apply appropriate security solutions to a control system environment. We have suggested spending time with system operators and field technicians to further your education in how electric sector systems functions. Another way to increase your […]

Read More 0 Comments

2012 NCSAM Tip #22

In the game of staying ahead of cyber security threats there is no substitute for knowing the vulnerability state of your environment. There are many tools available that can help security professionals discover these vulnerabilities but not many as robust as the open source Metasploit framework. For the electric sector, SCADA exploit modules for Metasploit are being developed all the time. […]

Read More 0 Comments