Instead of hitting you over the head with a sledgehammer of an epic year-end wrap-up post with dozens of links to as many posts, how about I take it easy on you and point back to just a couple of stand-outs?
The first was the most widely read post, with over 3,000 separate views, and it was called "The Value of Black Hat for Smart Grid Security." It basically makes the case that vendors of insecure or un-secure-able electric sector products will eventually be called out in one fashion or another, and concludes with:
Suppliers thinking they'll save money by moving slowly on improving the security characteristics of their products are playing with fire. The lesson of Black Hat is that they'll be found out. It may not be by NERC. And their utility customers may be focusing on other pressing challenges. But sooner or later, the Black Hat crew will be on your case and when they do it'll take more than tons of money to get your troubles behind you.
The second is mentioned here simply because it was my favorite, as well as the favorite of many folks who told me so via email or at conferences and such. "The Best Talk Ever on NERC CIPS and Grid Security ... Period." It's not the blog post, so much as the talk by FERC's Stephen Flanagan to which it linked, that got people worked up. In my mind, never was the corporate psychology of compliance so artfully skewered.
Lastly, I'm psyched about the re-emergence of early SGSB blogger, fellow IBMer, and eternal cyber security guru Jack Danahy on these pixelated pages. Beginning with "A New Breed of Security Attributes for our Time," he's begun a series of deep dives on thoroughly rethinking cyber security strategies, policies and practices in this and other sectors. Am greatly looking forward to seeing where he takes this in 2012.
Hope everyone is taking a little bit of well deserved down-time with friends and family. We've got a ton of work to do next year and it'll be best to hit the ground running with a fresh pair of legs.
Merry Christmas and Happy New Years.
Andy
Photo credit: daveynin@Flickr.com