SlideShare a Scribd company logo

The Expanding Web of Cybersecurity Requirements

Download as PPTX, PDF
EnergySec
EnergySec

Presented at the May 11, 2011 UTC Telecom conference, Patrick Miller delves into the expanding web of cybersecurity requirements.

TechnologyBusiness
1 of 10
The Expanding Web of Cybersecurity Requirements Patrick C Miller, President and CEO May 11 2011 UTC TELECOM 2011
Abstract “…security is an art – and you cannot legislate art.” - Bill Bryan, Deputy Assistant Secretary of Infrastructure Security & Energy Restoration, US DOE The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 1
Levity, Sort Of So there was this investor owned, self-insured utility with a critical generation plant in a maritime port with an onsite credit union and urgent care facility who processed their own credit card transactions… (PCI, SOX, GLBA, MTSA, HIPAA, NERC CIP, CFATS, state PII) …and the transmission bus was in an adjacent facility owned by a Federal Power Marketing Authority… (add FISMA) The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 2
Cybersecurity Landscape • Security regulations favor new installations, legacy environments are still vulnerable – Bolt-ons increase complexity – Mixing legacy and bleeding edge tech is difficult • Isolation has diminishing security value • Engineering and Security are different • Logical distance between kinetic endpoint and HMI is exponentially increasing; “hyperembeddedness” • Nation-state quality defense is the new norm The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 3
Smart Grid Standards • FERC/NERC/PUC lines are not clear • Some state commissions do not have expertise or sufficient staff to deal with the smart grid wave • Commissions and utilities are both moving forward, but inconsistently • Privacy and security will be significant issues • Suffering from standard fatigue The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 4
NERC CIP Standards The Bad News: • Often viewed as ceiling vs. floor • Little change in over a decade • Technical Feasibility Exceptions The Good News: • Formalized security as a real issue within industry • Known minimum bar • Fantastic growth potential The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 5
Future Standards? • Cyber-boogeyman, cyber-FUD • Who’s got the cyber legislation pole position? • Threats move faster than legislation and regulation • Hackers don’t use a checklist • If you want legislation really bad, you will get really bad legislation; same for regulation – Converse = analysis paralysis; seek equilibrium • Good security wasn’t invented yesterday The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 6
Future Standards? • Intelligent islanding? • Data breach disclosure? • Vendor/product responsibility? • Utility responsibility? • Federal presence? • Does self-regulation work? • Top down or bottom up – or both? The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 7
The Question • Long: How do we get simple, complementary and comprehensive cyber legislation for all interdependent critical infrastructures, based on solid actuarial risk data, to protect both the public and private sectors but doesn’t cause rates/costs to rise to unacceptable levels? • Short: Fast, inexpensive, good. Pick two. The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 8
Questions? Non-profit. Independent. Trusted. Patrick C Miller, President and CEO patrick@energysec.org 503-446-1212 The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 9

Recommended

Interoperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveInteroperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveEnergySec
 
EISS Cybersecurity Briefing
EISS Cybersecurity BriefingEISS Cybersecurity Briefing
EISS Cybersecurity BriefingEnergySec
 
EnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec
 
Capstone Paper
Capstone PaperCapstone Paper
Capstone PaperThomas Kaczmarek
 
2012 Reenergize the Americas 3B: Ralph Martinez
2012 Reenergize the Americas 3B: Ralph Martinez2012 Reenergize the Americas 3B: Ralph Martinez
2012 Reenergize the Americas 3B: Ralph MartinezReenergize
 
TAC Subscription Webinar
TAC Subscription WebinarTAC Subscription Webinar
TAC Subscription WebinarEnergySec
 
Cyber resilient infrastructure infographic
Cyber resilient infrastructure infographicCyber resilient infrastructure infographic
Cyber resilient infrastructure infographicAtkins
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCommunity Protection Forum
 

Recommended

Interoperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveInteroperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveEnergySec
 
EISS Cybersecurity Briefing
EISS Cybersecurity BriefingEISS Cybersecurity Briefing
EISS Cybersecurity BriefingEnergySec
 
EnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec
 
Capstone Paper
Capstone PaperCapstone Paper
Capstone PaperThomas Kaczmarek
 
2012 Reenergize the Americas 3B: Ralph Martinez
2012 Reenergize the Americas 3B: Ralph Martinez2012 Reenergize the Americas 3B: Ralph Martinez
2012 Reenergize the Americas 3B: Ralph MartinezReenergize
 
TAC Subscription Webinar
TAC Subscription WebinarTAC Subscription Webinar
TAC Subscription WebinarEnergySec
 
Cyber resilient infrastructure infographic
Cyber resilient infrastructure infographicCyber resilient infrastructure infographic
Cyber resilient infrastructure infographicAtkins
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCommunity Protection Forum
 
Using the power of data by David Wollman
Using the power of data by David WollmanUsing the power of data by David Wollman
Using the power of data by David WollmanMaRS Discovery District
 
Introduction by ann cavoukian
Introduction by ann cavoukianIntroduction by ann cavoukian
Introduction by ann cavoukianMaRS Discovery District
 
IoT.ppt
IoT.pptIoT.ppt
IoT.pptKundan Kumar
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatMotorola Solutions
 
Capstone Final Presentation
Capstone Final PresentationCapstone Final Presentation
Capstone Final PresentationKartik Uppal
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...CableLabs
 
Uwuiit110042
Uwuiit110042Uwuiit110042
Uwuiit110042Uditha Kekulawala
 
Data protection and smart grids
Data protection and smart gridsData protection and smart grids
Data protection and smart gridsRónán Kennedy
 
From Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesFrom Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesRónán Kennedy
 
The Internet of Things (IoT)
The Internet of Things (IoT)The Internet of Things (IoT)
The Internet of Things (IoT)Dadhaniya Renish
 
T063500000200201 ppte
T063500000200201 ppteT063500000200201 ppte
T063500000200201 ppteyasinalimohammed
 
Law seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryLaw seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryKevin Murphy
 
Tigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy IndustryTigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy IndustryChristian Glover Wilson
 
Presentasi ftii intlcyberlaw
Presentasi ftii intlcyberlawPresentasi ftii intlcyberlaw
Presentasi ftii intlcyberlawftii
 
Security threat trends by category
Security threat trends by categorySecurity threat trends by category
Security threat trends by categorydstrup1955
 
Us ignite-update-connectedcollab
Us ignite-update-connectedcollabUs ignite-update-connectedcollab
Us ignite-update-connectedcollabUS-Ignite
 
Iot cyber security
Iot cyber securityIot cyber security
Iot cyber securitysajid mehmood
 
Most Viewed Article for an year in Academia - International Journal of Distri...
Most Viewed Article for an year in Academia - International Journal of Distri...Most Viewed Article for an year in Academia - International Journal of Distri...
Most Viewed Article for an year in Academia - International Journal of Distri...ijdpsjournal
 
[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...
[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...
[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...Assespro Nacional
 
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010ARC Advisory Group
 
EnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec
 
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...EnergySec
 

More Related Content

What's hot

Using the power of data by David Wollman
Using the power of data by David WollmanUsing the power of data by David Wollman
Using the power of data by David WollmanMaRS Discovery District
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatMotorola Solutions
 
Capstone Final Presentation
Capstone Final PresentationCapstone Final Presentation
Capstone Final PresentationKartik Uppal
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...CableLabs
 
Data protection and smart grids
Data protection and smart gridsData protection and smart grids
Data protection and smart gridsRónán Kennedy
 
From Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesFrom Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesRónán Kennedy
 
The Internet of Things (IoT)
The Internet of Things (IoT)The Internet of Things (IoT)
The Internet of Things (IoT)Dadhaniya Renish
 
Law seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryLaw seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryKevin Murphy
 
Tigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy IndustryTigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy IndustryChristian Glover Wilson
 
Presentasi ftii intlcyberlaw
Presentasi ftii intlcyberlawPresentasi ftii intlcyberlaw
Presentasi ftii intlcyberlawftii
 
Security threat trends by category
Security threat trends by categorySecurity threat trends by category
Security threat trends by categorydstrup1955
 
Us ignite-update-connectedcollab
Us ignite-update-connectedcollabUs ignite-update-connectedcollab
Us ignite-update-connectedcollabUS-Ignite
 
Most Viewed Article for an year in Academia - International Journal of Distri...
Most Viewed Article for an year in Academia - International Journal of Distri...Most Viewed Article for an year in Academia - International Journal of Distri...
Most Viewed Article for an year in Academia - International Journal of Distri...ijdpsjournal
 
[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...
[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...
[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...Assespro Nacional
 
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010ARC Advisory Group
 

What's hot (20)

Using the power of data by David Wollman
Using the power of data by David WollmanUsing the power of data by David Wollman
Using the power of data by David Wollman
 
Introduction by ann cavoukian
Introduction by ann cavoukianIntroduction by ann cavoukian
Introduction by ann cavoukian
 
IoT.ppt
IoT.pptIoT.ppt
IoT.ppt
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber Threat
 
Capstone Final Presentation
Capstone Final PresentationCapstone Final Presentation
Capstone Final Presentation
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
 
Uwuiit110042
Uwuiit110042Uwuiit110042
Uwuiit110042
 
Data protection and smart grids
Data protection and smart gridsData protection and smart grids
Data protection and smart grids
 
From Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital RulesFrom Law to Code: Translating Legal Principles into Digital Rules
From Law to Code: Translating Legal Principles into Digital Rules
 
The Internet of Things (IoT)
The Internet of Things (IoT)The Internet of Things (IoT)
The Internet of Things (IoT)
 
T063500000200201 ppte
T063500000200201 ppteT063500000200201 ppte
T063500000200201 ppte
 
Law seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryLaw seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industry
 
Tigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy IndustryTigerspike - Cybersecurity and Mobility in the Energy Industry
Tigerspike - Cybersecurity and Mobility in the Energy Industry
 
Presentasi ftii intlcyberlaw
Presentasi ftii intlcyberlawPresentasi ftii intlcyberlaw
Presentasi ftii intlcyberlaw
 
Security threat trends by category
Security threat trends by categorySecurity threat trends by category
Security threat trends by category
 
Us ignite-update-connectedcollab
Us ignite-update-connectedcollabUs ignite-update-connectedcollab
Us ignite-update-connectedcollab
 
Iot cyber security
Iot cyber securityIot cyber security
Iot cyber security
 
Most Viewed Article for an year in Academia - International Journal of Distri...
Most Viewed Article for an year in Academia - International Journal of Distri...Most Viewed Article for an year in Academia - International Journal of Distri...
Most Viewed Article for an year in Academia - International Journal of Distri...
 
[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...
[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...
[GPATS 2013] Makoto (Mac) Yokozawa - Cyber Immune Systems That Helps Trust a...
 
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010
 

Viewers also liked

EnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec
 
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...EnergySec
 
NESCO Year 2 Overview
NESCO Year 2 OverviewNESCO Year 2 Overview
NESCO Year 2 OverviewEnergySec
 
North American Generator Forum Update
North American Generator Forum UpdateNorth American Generator Forum Update
North American Generator Forum UpdateEnergySec
 
Bridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITBridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITEnergySec
 
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...EnergySec
 

Viewers also liked (6)

EnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec & NESCO Overview
EnergySec & NESCO Overview
 
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
 
NESCO Year 2 Overview
NESCO Year 2 OverviewNESCO Year 2 Overview
NESCO Year 2 Overview
 
North American Generator Forum Update
North American Generator Forum UpdateNorth American Generator Forum Update
North American Generator Forum Update
 
Bridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITBridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and IT
 
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
 

Similar to The Expanding Web of Cybersecurity Requirements

Emerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEmerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEnergySec
 
NESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingNESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingEnergySec
 
NESCO: A Closer Look
NESCO: A Closer LookNESCO: A Closer Look
NESCO: A Closer LookEnergySec
 
Don't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot CampDon't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot CampEnergySec
 
Next Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorNext Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorEnergySec
 
Next Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorNext Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorEnergySec
 
Security of the Electric Grid: It's more than just NERC CIP
Security of the Electric Grid: It's more than just NERC CIPSecurity of the Electric Grid: It's more than just NERC CIP
Security of the Electric Grid: It's more than just NERC CIPEnergySec
 
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 ComplianceFeldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 ComplianceCoreTrace Corporation
 
Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:CoreTrace Corporation
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground UpEnergySec
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground UpEnergySec
 
Capstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid SecurityCapstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid Securityreuben_mathew
 
Cyber security white paper final PMD 12_28_16
Cyber security white paper final PMD 12_28_16Cyber security white paper final PMD 12_28_16
Cyber security white paper final PMD 12_28_16Dave Darnell
 
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...TheAnfieldGroup
 
Advanced Solutions for Critical Infrastructure Protection
Advanced Solutions for Critical Infrastructure ProtectionAdvanced Solutions for Critical Infrastructure Protection
Advanced Solutions for Critical Infrastructure ProtectionEntrust Datacard
 
Southern Risk Council - Cybersecurity Update 10-9-13
Southern Risk Council - Cybersecurity Update 10-9-13Southern Risk Council - Cybersecurity Update 10-9-13
Southern Risk Council - Cybersecurity Update 10-9-13Phil Agcaoili
 
IBM End-to-End Security for Smart Grids
IBM End-to-End Security for Smart GridsIBM End-to-End Security for Smart Grids
IBM End-to-End Security for Smart GridsIBM Energy & Utilties
 
Supply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorSupply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorKaspersky
 

Similar to The Expanding Web of Cybersecurity Requirements (20)

Emerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEmerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD Meeting
 
NESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingNESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD Meeting
 
NESCO: A Closer Look
NESCO: A Closer LookNESCO: A Closer Look
NESCO: A Closer Look
 
Don't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot CampDon't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot Camp
 
Next Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorNext Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric Sector
 
Next Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorNext Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric Sector
 
Security of the Electric Grid: It's more than just NERC CIP
Security of the Electric Grid: It's more than just NERC CIPSecurity of the Electric Grid: It's more than just NERC CIP
Security of the Electric Grid: It's more than just NERC CIP
 
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 ComplianceFeldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
 
Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground Up
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground Up
 
Capstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid SecurityCapstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid Security
 
Cyber security white paper final PMD 12_28_16
Cyber security white paper final PMD 12_28_16Cyber security white paper final PMD 12_28_16
Cyber security white paper final PMD 12_28_16
 
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
 
Advanced Solutions for Critical Infrastructure Protection
Advanced Solutions for Critical Infrastructure ProtectionAdvanced Solutions for Critical Infrastructure Protection
Advanced Solutions for Critical Infrastructure Protection
 
Southern Risk Council - Cybersecurity Update 10-9-13
Southern Risk Council - Cybersecurity Update 10-9-13Southern Risk Council - Cybersecurity Update 10-9-13
Southern Risk Council - Cybersecurity Update 10-9-13
 
IBM End-to-End Security for Smart Grids
IBM End-to-End Security for Smart GridsIBM End-to-End Security for Smart Grids
IBM End-to-End Security for Smart Grids
 
2-25-2014 Part 1 - NRECA Kickoff Meeting v2
2-25-2014 Part 1 - NRECA Kickoff Meeting v22-25-2014 Part 1 - NRECA Kickoff Meeting v2
2-25-2014 Part 1 - NRECA Kickoff Meeting v2
 
Nreca kickoff meeting
Nreca kickoff meetingNreca kickoff meeting
Nreca kickoff meeting
 
Supply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorSupply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy Sector
 

More from EnergySec

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseEnergySec
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsEnergySec
 
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...EnergySec
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyEnergySec
 
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...EnergySec
 
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityDaniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityEnergySec
 
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementLessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementEnergySec
 
Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsEnergySec
 
Wireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachWireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachEnergySec
 
Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!EnergySec
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network ArchitecturesEnergySec
 
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleNERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleEnergySec
 
Industrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsIndustrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsEnergySec
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...EnergySec
 
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...EnergySec
 
Where Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueWhere Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueEnergySec
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?EnergySec
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...EnergySec
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherEnergySec
 
What the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherWhat the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherEnergySec
 

More from EnergySec (20)

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
 
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
 
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
 
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityDaniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
 
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementLessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
 
Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWs
 
Wireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachWireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of Reach
 
Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network Architectures
 
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleNERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
 
Industrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsIndustrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With Scissors
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
 
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
 
Where Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueWhere Cyber Security Meets Operational Value
Where Cyber Security Meets Operational Value
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working Together
 
What the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherWhat the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each Other
 

Recently uploaded

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

Recently uploaded (20)

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

The Expanding Web of Cybersecurity Requirements

  • 1. The Expanding Web of Cybersecurity Requirements Patrick C Miller, President and CEO May 11 2011 UTC TELECOM 2011
  • 2. Abstract “…security is an art – and you cannot legislate art.” - Bill Bryan, Deputy Assistant Secretary of Infrastructure Security & Energy Restoration, US DOE The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 1
  • 3. Levity, Sort Of So there was this investor owned, self-insured utility with a critical generation plant in a maritime port with an onsite credit union and urgent care facility who processed their own credit card transactions… (PCI, SOX, GLBA, MTSA, HIPAA, NERC CIP, CFATS, state PII) …and the transmission bus was in an adjacent facility owned by a Federal Power Marketing Authority… (add FISMA) The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 2
  • 4. Cybersecurity Landscape • Security regulations favor new installations, legacy environments are still vulnerable – Bolt-ons increase complexity – Mixing legacy and bleeding edge tech is difficult • Isolation has diminishing security value • Engineering and Security are different • Logical distance between kinetic endpoint and HMI is exponentially increasing; “hyperembeddedness” • Nation-state quality defense is the new norm The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 3
  • 5. Smart Grid Standards • FERC/NERC/PUC lines are not clear • Some state commissions do not have expertise or sufficient staff to deal with the smart grid wave • Commissions and utilities are both moving forward, but inconsistently • Privacy and security will be significant issues • Suffering from standard fatigue The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 4
  • 6. NERC CIP Standards The Bad News: • Often viewed as ceiling vs. floor • Little change in over a decade • Technical Feasibility Exceptions The Good News: • Formalized security as a real issue within industry • Known minimum bar • Fantastic growth potential The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 5
  • 7. Future Standards? • Cyber-boogeyman, cyber-FUD • Who’s got the cyber legislation pole position? • Threats move faster than legislation and regulation • Hackers don’t use a checklist • If you want legislation really bad, you will get really bad legislation; same for regulation – Converse = analysis paralysis; seek equilibrium • Good security wasn’t invented yesterday The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 6
  • 8. Future Standards? • Intelligent islanding? • Data breach disclosure? • Vendor/product responsibility? • Utility responsibility? • Federal presence? • Does self-regulation work? • Top down or bottom up – or both? The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 7
  • 9. The Question • Long: How do we get simple, complementary and comprehensive cyber legislation for all interdependent critical infrastructures, based on solid actuarial risk data, to protect both the public and private sectors but doesn’t cause rates/costs to rise to unacceptable levels? • Short: Fast, inexpensive, good. Pick two. The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 8
  • 10. Questions? Non-profit. Independent. Trusted. Patrick C Miller, President and CEO patrick@energysec.org 503-446-1212 The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 9