Security log management is arguably the “best bang for your buck” tool in the security practitioner’s bag. Continuous capability maturity evaluations within your organization will help assure that the security log management engine is running on all cylinders. Take a look at this NESCO whitepaper that discusses one such capability maturity model that can be […]
2012 NCSAM Tip #21
2012 NCSAM Tip #20
In order to design good cyber security controls for a particular system, it is necessary to understand the technology footprint as much as the business requirements. In the electric sector, it is essential to have a firm grasp of the unique technologies used in the control environments before attempting to apply cyber security disciplines. Be […]
2012 NCSAM Tip #19
To protect access to the industry’s electronic “crown jewels”, we build security perimeters. These perimeters almost always include a device with a firewall operating system. Access control policies are applied to create the rules necessary to deny all and then only allow access to who/what is needed to support the essential business functions. At least that […]
2012 NCSAM Tip #18
A high level understanding of your organization’s business is critical to establishing a cybersecurity program. In addition, the details of that program, and the controls deployed to address security risks, must consider the details of your business operations. You should seek to learn even seemingly trivial details of business processes and work methods so that […]
2012 NCSAM Tip #17
Cybersecurity is not an effort to be undertaken for its own sake. The purpose and objective of security efforts is to protect an organization’s essential business functions from attacks by hostile parties. Obtaining an understanding of your organization’s business, the aspects of operation that are most critical to its success, and the technology which supports […]
2012 NCSAM Tip #16
Wireless access points are a temptation that is hard to resist. The convenience factor can contribute to their deployment even when the security risks may outweigh business value. That isn’t to say wireless can’t be secured; however, in control system environments there should be tremendous consideration before allowing wireless access points to be deployed. Be sure to […]
2012 NCSAM Tip #15
The electric sector’s control environments are a subset of the overall automation world. Like many other sectors (such as airlines, manufacturing, chemical, etc.), we have incorporated control systems into the business to manage the plethora of things that need to be turned on and off, monitored and/or automated to make “it” […]
2012 NCSAM Tip #14
Don’t forget to protect against sensitive data leakage from critical cyber assets that may be redeployed or otherwise decommissioned. It doesn’t take much information to give the “bad guys” the ammunition they need to unleash a mischievous cyber attack. Following media destruction best practices can go a long way toward avoiding a cyber incident. Take a […]
2012 NCSAM Tip #13
Network perimeters are often seen as an outward facing boundary meant to keep the bad stuff out. What is often overlooked is that once inside, “bad stuff” can easily tunnel outbound through a perimeter, allowing more “badness” to enter unfettered. It is important to control and monitor outbound traffic from your networks. Indeed, this can […]
2012 NCSAM Tip #12
Being ready for anything is the name of the game when it comes to the electric sector. Being able to have the resources and capabilities to respond and recover from an emergency is a vital function in keeping the lights on. From a big storm blowing over power lines to squirrels tripping protective equipment to […]