cybersecurity

For the better part of the past decade, utility companies have been more concerned with the potential for outages than cyberattacks, but this has changed over the past several months. The Colonial Pipeline ransomware attack and the remote cyberattack on a Florida water treatment plant put cybersecurity top-of-mind and made it clear hackers can do […]

In December 2020, the U.S. Department of Energy announced a new subcommittee focused on the nation’s electric grid. The Grid Resilience for National Security subcommittee was a response to increasing threats to the country’s expansive electric grid that reliably delivers electricity to power the digital age. Today, those threats are even more relevant than ever […]

Cyberattacks on the U.S. energy system threaten our national security and way of life. While the sources of such risks may be debatable, the threats are real and the potential consequences are grave. Former

  COMMENTARY Supply chain security is top of mind these days for policymakers and regulators focused on protecting the utility industry and other critical infrastructure. A cyber vulnerability with a single supplier can take down an entire supply chain network and the entities that use its products. The organizations that support and supply products and […]

The Biden administration is moving to add more safeguards to the nation’s critical infrastructure by establishing a new voluntary public-private collaboration that will focus wholly on industrial control systems (ICS) cybersecurity. The administration formally launched the “Industrial Control Systems Cybersecurity Initiative” in the “National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems” signed by […]

IBM Security reported on July 28 that the average cost of recent data breaches was $4.24 million per incident, the highest cost ever recorded by the company in 17 years of tracking the metric. Notably, data breaches in the U.S. were by far the costliest, exceeding $9 million per incident on average. The findings were […]

In early May 2021, a Russian cyber-criminal group hit Colonial Pipeline, the largest U.S. oil and natural gas pipeline system, with a devastating ransomware attack. The exploit maliciously encrypts computer files, making them inaccessible unless the victim pays a ransom. To contain the threat, Colonial was forced to temporarily shut down portions of its operations […]

How do you protect yourselves from cybercriminals that plan to hold your organization for ransom? These criminals are intelligent, extremely computer literate, and know that production facilities, the utility sector, and mainly the power sector are ripe for ransom threats. The criminal hack organization known as DarkSide created a malicious computer code that resulted in […]

When securing network assets, a long and often complex list of configurations must be performed to ensure industrial control systems have the appropriate cyber protection. This article presents a systematic

Owners and operators of the 100 most “critical” hazardous liquid and natural gas pipelines, and liquefied natural gas (LNG) facilities will need to act within the next 30 days to align with federal cybersecurity guidance under new mandates issued by the Transportation Security Administration (TSA). The TSA’s May 27-issued pipeline-focused security directive is a notable, […]