Cybersecurity Road Trip

During the last two weeks, I had the privilege to speak on cybersecurity at two industry conferences, the ARC World Industry Forum and the SANS 11th Annual ICS Security Summit. While these represent two different audiences, the sessions and conversations were strikingly similar and I think reflective of how industry is viewing ICS cybersecurity. Here are some of the consistent themes:You must know what you have. Users and... Read more

The Risk of Not Knowing

“The big problems are where people don’t realize they have one in the first place.”  – Edward Deming Deming’s observation seems obvious enough. When you apply this to ICS cybersecurity, what are the “big problems” that companies don’t realize? In the power, petrochemical, and oil & gas industries, the stakes are high. These big problems – especially ... Read more

A Tale of Two Lines

Change is part of daily industrial operations. Detecting a change and assessing the validity of that change are critical to effective ICS cybersecurity. Let’s say, for instance, that two lines have been removed from an SIS configuration file. Now let’s say this change blinds the operator to the availability of the SIS.How will you know this configuration change occurred? This particular change happens deep... Read more

Customer Perspective: Southern Company Discusses CSI (and No, it’s not the TV show)

Last week at the ARC Forum, James Goosby of Southern Company presented a case study on how Southern is approaching NERC CIP compliance with their Control System Integrity, or “CSI,” initiative. Southern, like all power companies in the US and Canada, faces a looming deadline of April 2016 for NERC CIP Version 5 compliance. Their CSI initiative automates compliance for control systems by:Configuration management... Read more