Protecting Data Fast and Cheap in the IIoT
The National Institute of Standards and Technology's National Cybersecurity Center of Excellence (NCCoE) actively reaches out to industry partners for feedback on what companies consider the most important cybersecurity challenges, and what companies might be doing about them, said Don Faatz, a cybersecurity engineer at The MITRE Corporation working at the NCCoE. Companies can submit and test products at the center provided that the solutions integrate with other commercial offerings.
Siemens Contributes to NIST Draft Cybersecurity Guide for Energy Sector
Siemens and the National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence have collaborated to craft a cybersecurity practice guide for the energy sector.
Siemens Partners with NIST on Guide to Understanding and Managing Situational Awareness Across the Energy Enterprise
Siemens, over the last several months, has worked closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a cybersecurity project for the energy sector.
NIST electric risk guide comments due
The comments due today are on NIST's draft guide for electric utilities “Situational Awareness for Electric Utilities” which outlines methods for detecting and remediating cyber anomalies, investigating those risks and sharing findings with other energy companies.
Comments due on draft 'situational' cyber guide for electric utilities
The draft guide—1800-7—on “Situational Awareness for Electric Utilities” was developed and released in February for public comment by NIST's National Cybersecurity Center of Excellence with input from industry, and provides an “example solution” to help utilities alert staff to potential and actual cyber attacks on the electric grid.
Let's Act Now to Prevent Hacking of the Power Grid
The grid has been vulnerable physically for decades. Today, we are just beginning to understand the seriousness of an emerging threat to the grid’s cybersecurity. As the grid has become more dependent on computers and data-sharing, it has become more responsive to changes in power demand and better at integrating new sources of energy. But its computerized control could be abused by attackers who get into the systems.
NIST Releases Cybersecurity Practice Guide
The National Cybersecurity Center of Excellence (NCCoE) released a draft of the National Institute of Standards and Technology (NIST) Cybersecurity Practice Guide, Special Publication 1800-7: "Situational Awareness for Electric Utilities." The Practice Guide includes a model solution that can be used by electric sector companies to alert their staff to potential or actual cyber attacks.
Centralizing Situational Awareness in Energy Companies
Waratek, along with a group of companies including Hewlett Packard Enterprise, Siemens, and RSA, worked closely with the National Cybersecurity Center of Excellence (NCCoe) to develop an example solution for electric companies to alert their staff to potential or actual cyberattacks directed at the grid. The example draft outlines the implementation of this solution and comments from the public are sought until April 17, 2017.
Cybersecurity of the power grid: A growing challenge
Security standards can help ensure utility companies keep their protection strong. The U.S. National Institute of Standards and Technology has its own recommendations, though they are not mandatory for utilities. A draft version of a new set of guidelines was just released, adding both urgency and detail for utility companies.
NIST seeks comment on draft 'situational' cyber guide for electric utilities
The National Institute of Standards and Technology has released for public comment a draft guide for electric utilities to detect and remediate cyber anomalies, investigate those incidents and share findings with other energy companies. The draft guide on “Situational Awareness for Electric Utilities” was developed by NIST's National Cybersecurity Center of Excellence with input from industry, and provides an “example solution” to help utilities alert staff to potential and actual cyber attacks on the electric grid.
New Guide to Help Electric Utilities Improve Cybersecurity, Situational Awareness
As part of their current cybersecurity efforts, many electric utilities monitor data from the various systems and devices they rely on to keep the power flowing and to secure both their information technology and facilities. Pulling these data together and correlating events across data streams can be a time-consuming process, so the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology collaborated with a team of experts from industry, academia and government to develop a guide utilities can use to improve situational awareness and better respond to potential cyber attacks.
NCCoE Senior Security Engineer Jim McCarthy will help lead a full day NIST NCCoE Workshop at GridSecCon on October 18, 2016 in Quebec City, Quebec. The workshop will discuss top challenges facing the energy industry today, and review profiles and worked example solutions in IdAM, Situational Awareness, and Industrial Control Systems. Topics will also include the NIST Cybersecurity Portfolio and Cybersecurity Framework (CSF).
Electric Utility Cybersecurity Workshop to Address Top Industry Concerns
Cyberattacks are on the rise, and a staggering 41% of them target the energy sector. In order to protect the nation’s critical infrastructure, the sector must contend with a diverse set of unique challenges, from aging and disparate networks to a lack of awareness of threats and vulnerabilities. The National Cybersecurity Center of Excellence (NCCoE), in collaboration with energy sector stakeholders and cybersecurity technology vendors, has developed example solutions that utilities can use to help bolster their security postures. The NCCoE, a part of the National Institute of Standards and Technology (NIST), will host a workshop on October 18, 2016 at the North American Electric Reliability Corporation’s (NERC) Grid Security Conference (GridSecCon) in Quebec City, Canada. GridSecCon...
4th Annual Cyber Security for Oil & Gas Summit
NCCoE Senior Cybersecurity Engineer Jim McCarthy will host the workshop "Remaining Ahead of the Curve: Applying the NIST/NCCoE Energy Sector Practice Guides to the Cyber Security Challenges of the Oil & Gas Industry" at the 4th Annual Cyber Security for Oil & Gas Summit on June 27 at 2:30pm. The summit, held from June 27 - 29 in Houston, TX, will bring together industry experts who will address critical concerns and trends regarding cyber security for the oil & gas industry, and cover how to address these concerns in a down market. Download the full agenda.
Using Identity to Safeguard the Nation's Critical Infrastructure from Complex Threats
NCCoE senior security engineer Jim McCarthy will be presenting a webinar on Identity and Access Management in conjunction with the energy sector build team collaborator AlertEnterprise on June 7 from 1pm to 2pm ET. In this session hear directly from industry as well as the nation’s leading research organization about techniques they have been developed to extend identity information beyond the traditional purview of IT by including physical access and OT (operational Technology) access to deliver a more holistic view of security. Learn correlating identity and roles-based attributes to determine access to IT systems, facilities and critical operating assets provides a 360-degree view of security to uncover gaps that cannot be identified by IT or Corporate Security alone.
What is your cybersecurity plan?
Leverage government-industry partnerships such as NIST's National Cybersecurity Center of Excellence (NCCoE) to help jump start your IAM and situational awareness implementations. NCCoE has a plethora of cybersecurity implementation examples that can help all size energy organizations leverage proven third-party products to address cybersecurity framework, NERC CIP, and other standards and best practices.
UTC Telecom & Technology 2016
NCCoE Deputy Director Nate Lesser will be speaking on Wednesday, May 4, at 9:15-10:15am about Situational Awareness in a Converged IT/OT Environment. The conference will be held Monday through Friday, May 2-6, at the Colorado Convention Center in Denver.
ICSJWG 2016 Spring Meeting
NCCoE senior security engineer Jim McCarthy will be presenting "Situational Awareness for the Energy Sector" on May 4 at 3:20 PM at the Industrial Control Systems Joint Working Group (ICSJWG) Spring Meeting 2016. The conference brings together leaders in critical infrastructure security to discuss the latest initiatives impacting the security of our critical infrastructure, and will be held from May 3 - 5 at the Chaparral Suites in Scottsdale, AZ.
Click here to find out more about the conference.
ISACA Spring Conference 2016
NCCoE associate director of operations Tim McBride will be speaking at the ISACA Spring Conference 2016. The conference will be held from April 11-13 at the Hilton Los Angeles/Universal City in Los Angeles, CA.
Top ten cybersecurity tips for the electric sector
Leverage government-industry partnerships such as NIST’s National Cybersecurity Center of Excellence (NCCoE) to help jump start your IAM and situational awareness implementations. NCCoE has a plethora of cybersecurity implementation examples that can help all size energy organizations leverage proven third-party products to address cybersecurity framework, NERC CIP, and other standards and best practices.