cybersecurity

Lawmakers, industry, and government entities, including the Department of Energy (DOE) and the National Institute of Standards and Technology (NIST), this week released a string of measures responding to mounting cybersecurity attacks by state-sponsored actors. A Revised Cybersecurity Framework On April 16, the Commerce Department’s NIST, a federal standards laboratory, released an updated version of […]

Russian state-sponsored cyber actors are exploiting routers and other network infrastructure devices worldwide to conduct man-in-the-middle attacks that specifically target critical infrastructure providers and other sectors, the U.S. Department of Homeland Security (DHS), the FBI, and the UK’s National Cyber Security Centre (NCSC) warned in a new joint technical alert. In the U.S. Computer Emergency […]

  Defense-in-depth is a concept that is already widely deployed by many organizations within their IT infrastructures. However, many organizations do not apply it to their industrial control system (ICS) operations, owing mostly to obscure protocols. But as IT and ICS architectures converge and high-profile cybersecurity incidents mount, a robust, holistic defense-in-depth solution may be […]

The energy industry must work together to restore trust in the digital age.   When Hurricane Harvey hit, Houston knew what to do. Emergency response plans went immediately into effect to save lives and jump-start a long recovery. But as energy leaders convene here in the world’s energy capital for CERAWeek, we need to ask […]

Russian government cyber threat actors have infiltrated workstations and servers of corporate networks containing data output from industrial control systems (ICS) or supervisory control and data acquisition (SCADA) systems associated with an unnamed number of power plants, the Department of Homeland Security (DHS) has warned. The dire warning issued by the agency’s U.S. Computer Emergency […]

Though increasingly serious cybersecurity threats loom, nearly two-thirds of U.S. industrial control system (ICS) vulnerabilities identified in 2017 could cause severe operational impact if exploited, cybersecurity firm Dragos Inc. warned in a series of reports published March 1. The reports, which cover ICS vulnerabilities, ICS threats, and reactions to existing threats, draw a dire picture […]

Researchers have successfully demonstrated an open-source supervisory control and data acquisition (SCADA) system designed to withstand attacks and compromises on the power grid. The intrusion-tolerant system—called “Spire”—keeps power flowing even if part of the system is compromised, and it may be a breakthrough for grid resiliency, industry observers said. Spire was built from the ground […]

Cybersecurity threats have increased dramatically as sophisticated, nation-state developed hacking programs have been leaked to the general public. Now, common criminals have high-tech tools at their disposal with the capability to cause serious damage. As such, the power industry must take precautions and upgrade security to keep systems safe. While regulations provide a minimum security […]

  A newly established U.S. Department of Energy (DOE) office dedicated to cybersecurity, energy security, and emergency response may be a signal that it is elevating its focus on emerging grid threats. The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) will use $96 million in funding included in President Trump’s Fiscal Year 2019 budget […]

100% of survey respondents say their cybersecurity function is not fit for purpose Utilities struggle to monitor their digital ecosystem more than all other sectors 85% of respondents say they don’t have a robust incident response program  LONDON, 31 JANUARY 2018. All utilities organizations surveyed in the latest EY Power and Utilities Global Information Security […]