Device Hardening and Continuous Compliance Monitoring CONTINUOUS COMPLIANCE


Read the latest news, developments and opinion pieces on NERC CIP compliance from industry experts New Net Technologies.

Click on a link below for information on how you can ensure your IT systems comply with security standards. .

According to researchers at security firm ESET, a threat group using the Russia-linked ‘Black Energy’ malware are to blame for the recent power outages in Ukraine.

Business Blackout NERC CIP

A nightmare scenario based on a devastating APT attack on the US energy grid has been provided by the University of Cambridge’s Centre for Risk Studies and Lloyds.

British Gas has acknowledged pressure coming from the cyber-security profession and agreed to take another look at its policy toward password managers, in order to maintain continuous compliance of cyber security controls.

CERT-UK guidance for securing Industrial Control Systems

The US have a well-established security framework for protecting the US nation’s bulk electric supply – NERC CIP.

And now the UK’s CERT-UK (UK National Computer Emergency Response Team) have now published their own guidance for securing Industrial Control Systems.

NERC CIP Version 5 compliance now urgent

Research by USA Today reveals that the US power grid suffers some kind of physical or cyber attack every four days.

Of particular interest is the high incidence of cyberattacks, although the most recent ICS-CERT report (the Cyber Emergency Reponse Team covering all industries utilizing industrial control systems) suggests an even higher incidence of cyber attacks.


The latest ICS-CERT report includes some analysis of cyber security incidents reported to them in Fiscal Year 2014. Of the 245 incidents reported, 55% were attributed to some form of Advanced Persistent Threat (APT), but overall 38% of the 245 incidents remain unexplained:

NERC CIP 007-03 Audit Reports

The World is Not Enough…

A NERC CIP compliance audit isn’t all speedboats and supermodels, even when tackling CIP 007 (which is actually focused on maintaining a hardened build standard and may leave you wanting to fire your own ejector seat).


Two newly discovered vulnerabilities have been classified with a maximum CVSS Score of 10 and users of Schneider Electric ETG3000 FactoryCast HMI Gateway should take immediate action to protect SCADA systems from attack.

Steel Mill shut down by hackers - NERC CIP

This cyber attack will immediately draw comparisons with the infamous Stuxnet attack but does it also mark a tipping point for all industries to take cyber security seriously?

Industrial Control Systems

CSOOnline report that the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), a division of the U.S. Department of Homeland Security (ICS-CERT) issued an advisory on Tuesday warning that malware has been used since 2011 to attack a number of ICS (Industrial Control Systems).

Share this blog post

USA Offices
New Net Technologies Ltd
9128 Strada Place
Naples, Florida, 34108
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
NNT Logo
UK Office
New Net Technologies Ltd
Spectrum House, Dunstable Road
St Albans


Tel: 08456 585 005
Fax: 08456 122 031
Connect with NNT
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
Sign up to NNT's IT security and compliance monthly newsletter. Get breaking security news, how-to tips, trends and commentary direct to your inbox.