News and Events

May 07, 2017

Siemens, over the last several months, has worked closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a cybersecurity project for the energy sector.

April 25, 2017

The National Institute of Standards and Technology's National Cybersecurity Center of Excellence (NCCoE) actively reaches out to industry partners for feedback on what companies consider the most important cybersecurity challenges, and what companies might be doing about them, said Don Faatz, a cybersecurity engineer at The MITRE Corporation working at the NCCoE. Companies can submit and test products at the center provided that the solutions integrate with other commercial offerings.

April 20, 2017

Siemens and the National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence have collaborated to craft a cybersecurity practice guide for the energy sector.

April 18, 2017

Siemens, over the last several months, has worked closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a cybersecurity project for the energy sector.

April 17, 2017

The comments due today are on NIST's draft guide for electric utilities “Situational Awareness for Electric Utilities” which outlines methods for detecting and remediating cyber anomalies, investigating those risks and sharing findings with other energy companies.

April 14, 2017

The draft guide—1800-7—on “Situational Awareness for Electric Utilities” was developed and released in February for public comment by NIST's National Cybersecurity Center of Excellence with input from industry, and provides an “example solution” to help utilities alert staff to potential and actual cyber attacks on the electric grid.

March 04, 2017

The grid has been vulnerable physically for decades. Today, we are just beginning to understand the seriousness of an emerging threat to the grid’s cybersecurity. As the grid has become more dependent on computers and data-sharing, it has become more responsive to changes in power demand and better at integrating new sources of energy. But its computerized control could be abused by attackers who get into the systems.

March 02, 2017

The National Cybersecurity Center of Excellence (NCCoE) released a draft of the National Institute of Standards and Technology (NIST) Cybersecurity Practice Guide, Special Publication 1800-7: "Situational Awareness for Electric Utilities." The Practice Guide includes a model solution that can be used by electric sector companies to alert their staff to potential or actual cyber attacks.  

February 23, 2017

Waratek, along with a group of companies including Hewlett Packard Enterprise, Siemens, and RSA, worked closely with the National Cybersecurity Center of Excellence (NCCoe) to develop an example solution for electric companies to alert their staff to potential or actual cyberattacks directed at the grid. The example draft outlines the implementation of this solution and comments from the public are sought until April 17, 2017.

February 23, 2017

Security standards can help ensure utility companies keep their protection strong. The U.S. National Institute of Standards and Technology has its own recommendations, though they are not mandatory for utilities. A draft version of a new set of guidelines was just released, adding both urgency and detail for utility companies.

February 17, 2017

The National Institute of Standards and Technology has released for public comment a draft guide for electric utilities to detect and remediate cyber anomalies, investigate those incidents and share findings with other energy companies. The draft guide on “Situational Awareness for Electric Utilities” was developed by NIST's National Cybersecurity Center of Excellence with input from industry, and provides an “example solution” to help utilities alert staff to potential and actual cyber attacks on the electric grid.

February 16, 2017

As part of their current cybersecurity efforts, many electric utilities monitor data from the various systems and devices they rely on to keep the power flowing and to secure both their information technology and facilities. Pulling these data together and correlating events across data streams can be a time-consuming process, so the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology collaborated with a team of experts from industry, academia and government to develop a guide utilities can use to improve situational awareness and better respond to potential cyber attacks.

October 17, 2016

NCCoE Senior Security Engineer Jim McCarthy will help lead a full day NIST NCCoE Workshop at GridSecCon on October 18, 2016 in Quebec City, Quebec. The  workshop will discuss top challenges facing the energy industry today, and review profiles and worked example solutions in IdAM, Situational Awareness, and Industrial Control Systems. Topics will also include the NIST Cybersecurity Portfolio and Cybersecurity Framework (CSF). 

October 13, 2016

Cyberattacks are on the rise, and a staggering 41% of them target the energy sector. In order to protect the nation’s critical infrastructure, the sector must contend with a diverse set of unique challenges, from aging and disparate networks to a lack of awareness of threats and vulnerabilities. The National Cybersecurity Center of Excellence (NCCoE), in collaboration with energy sector stakeholders and cybersecurity technology vendors, has developed example solutions that utilities can use to help bolster their security postures. The NCCoE, a part of the National Institute of Standards and Technology (NIST), will host a workshop on October 18, 2016 at the North American Electric Reliability Corporation’s (NERC) Grid Security Conference (GridSecCon) in Quebec City, Canada. GridSecCon...

June 26, 2016

NCCoE Senior Cybersecurity Engineer Jim McCarthy will host the workshop "Remaining Ahead of the Curve: Applying the NIST/NCCoE Energy Sector Practice Guides to the Cyber Security Challenges of the Oil & Gas Industry" at the 4th Annual Cyber Security for Oil & Gas Summit on June 27 at 2:30pm. The summit, held from June 27 - 29 in Houston, TX, will bring together industry experts who will address critical concerns and trends regarding cyber security for the oil & gas industry, and cover how to address these concerns in a down market. Download the full agenda.

June 06, 2016

NCCoE senior security engineer Jim McCarthy will be presenting a webinar on Identity and Access Management in conjunction with the energy sector build team collaborator AlertEnterprise on June 7 from 1pm to 2pm ET. In this session hear directly from industry as well as the nation’s leading research organization about techniques they have been developed to extend identity information beyond the traditional purview of IT by including physical access and OT (operational Technology) access to deliver a more holistic view of security. Learn correlating identity and roles-based attributes to determine access to IT systems, facilities and critical operating assets provides a 360-degree view of security to uncover gaps that cannot be identified by IT or Corporate Security alone.

May 28, 2016

Leverage government-industry partnerships such as NIST's National Cybersecurity Center of Excellence (NCCoE) to help jump start your IAM and situational awareness implementations. NCCoE has a plethora of cybersecurity implementation examples that can help all size energy organizations leverage proven third-party products to address cybersecurity framework, NERC CIP, and other standards and best practices. 

May 03, 2016

NCCoE Deputy Director Nate Lesser will be speaking on Wednesday, May 4, at 9:15-10:15am about Situational Awareness in a Converged IT/OT Environment. The conference will be held Monday through Friday, May 2-6, at the Colorado Convention Center in Denver.

May 02, 2016

NCCoE senior security engineer Jim McCarthy will be presenting "Situational Awareness for the Energy Sector" on May 4 at 3:20 PM at the Industrial Control Systems Joint Working Group (ICSJWG) Spring Meeting 2016. The conference brings together leaders in critical infrastructure security to discuss the latest initiatives impacting the security of our critical infrastructure, and will be held from May 3 - 5 at the Chaparral Suites in Scottsdale, AZ.

Click here to find out more about the conference.

 

April 10, 2016

NCCoE associate director of operations Tim McBride will be speaking at the ISACA Spring Conference 2016. The conference will be held from April 11-13 at the Hilton Los Angeles/Universal City in Los Angeles, CA.