NERC CIP Blog
Read the latest news, developments and opinion pieces on NERC CIP compliance from industry experts New Net Technologies.
Click on a link below for information on how you can ensure your IT systems comply with security standards. .
According to the latest report from PwC, two-thirds (65%) of UK businesses are worried about potential cyber threats within the energy sector that could lead to catastrophic data breaches or even service outages.
Researchers at the industrial cybersecurity firm Dragos have found that thousands of industrial facilities have their systems infected with common malware every year.
A new study has found that the US oil and gas industry and falling behind when it comes to cyber security preparedness, with nearly two-thirds (68%) of organizations having suffered a major security breach in the last year.
A nightmare scenario based on a devastating APT attack on the US energy grid has been provided by the University of Cambridge’s Centre for Risk Studies and Lloyds.
British Gas has acknowledged pressure coming from the cyber-security profession and agreed to take another look at its policy toward password managers, in order to maintain continuous compliance with cyber security controls.
Research by USA Today reveals that the US power grid suffers some kind of physical or cyber attack every four days.
Of particular interest is the high incidence of cyberattacks, although the most recent ICS-CERT report (the Cyber Emergency Response Team covering all industries utilizing industrial control systems) suggests an even higher incidence of cyber attacks.
The latest ICS-CERT report includes some analysis of cyber security incidents reported to them in Fiscal Year 2014. Of the 245 incidents reported, 55% were attributed to some form of Advanced Persistent Threat (APT), but overall 38% of the 245 incidents remain unexplained:
Two newly discovered vulnerabilities have been classified with a maximum CVSS Score of 10 and users of Schneider Electric ETG3000 FactoryCast HMI Gateway should take immediate action to protect SCADA systems from attack.
This cyber attack will immediately draw comparisons with the infamous Stuxnet attack but does it also mark a tipping point for all industries to take cyber security seriously?
CSOOnline report that the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), a division of the U.S. Department of Homeland Security (ICS-CERT) issued an advisory on Tuesday warning that malware has been used since 2011 to attack a number of ICS (Industrial Control Systems).