Showing posts with label information sharing. Show all posts
Showing posts with label information sharing. Show all posts

Monday, January 13, 2014

Conference Alert: SmartSec Europe 2014


There's not much time left, but here's an exciting conference for if you're not going to Distributech in San Antonio, but still want to visit a historic city with picturesque waterways.

Location: Amsterdam
Dates: 29-30 January 2014
For more info, click HERE
To register, click HERE

Bonus #1: My friend Johan Rambi and grid security superstar Annabelle Lee will be speaking

Bonus #2: All SmartSec attendees are invited to stay on one more day to help set the course for Europe's new ISAC and situational awareness organization, DENSEK.  It convenes at 1000 hours on Friday the 31st at the same venue.

And in case you're wondering DENSEK includes but is not focused on Denmark. DENSEK stands for Distributed ENenergy SEcurity Knowledge ... capiche?

Photo credit: The Travis Caulfield Travel Blog
Posted by at 9:07 PM
Labels: , , ,

Thursday, October 31, 2013

Because Excercise is Good for US, GridEx II is Coming


In case you've been wondering what kind of shape our North American grid incident response and information sharing system is in, now's your chance to find out.  You can click HERE for more details on what's coming up and register to participate if you're an asset owner one of the other types of orgs that have an official role to play.
  • When: 13-14 November
  • Where: North America
  • Dress: Business Casual
While you're here, here are a few other items of possible interest:
  • You can read a decent GridEx II intro HERE, from the NYTimes
  • Findings and recommendations from the first GridEx begin on page 10 of the After Action Report
  • Click HERE for news on a recent disruptive control system cyber attack on a tunnel traffic system in Israel
Poster image courtesy of Crossfit.com
Posted by at 7:59 AM
Labels: , , , , , ,

Thursday, November 1, 2012

Joe Weiss' 2012 ICS Security Conference Highlights

The twelfth ICS Security has come and gone, and it sounds from the tone of Joe's write-up that whatever progress there's been to date in awareness and/or improved capabilities has been frustratingly slow and incremental.

After twelve years, I guess we can call that a trend.  Nevertheless, the best parts often seem to involve drama related to actual events in the field. Here are Joe's notes on two of them:

Nuclear
An international utility was prepared to share information dealing with a recent cyber security assessment of their nuclear plant control-systems performed by third parties. However, because of a threat by their vendor, they did not present. This decision also affected Ralph Langner's decision not to present. This international utility's assessment and analysis program is more comprehensive than existing US Nuclear Regulatory
Read more »
Posted by at 4:46 PM
Labels: , , ,

Thursday, March 29, 2012

GridSec Texas Wrap-Up: One More Time with Tweets

Here's a few of the tweets from myself and others from GridSec day 2 to give you a tapas-style version of what when down:
  • Erfan Ibrahim: a mosaic of entities hold liability for grid security, but customers usually know/interact with only one. #GridSec
  • At #GridSec, Darren Highfill says we're already paying for security, we're just not calling it that, invoking Russian Roulette metaphor.
  • Both keynoters said cyber security maturity models (like DOE's bldg now) & business metrics might reduce likelihood of legislation”#GridSec
  • Brese & Gunther both said cyber security maturity models (like one DOE's bldg now) & business metrics might reduce likelihood of legislation
  • At #GridSec just asked DOE's Robert Brese & Erich Gunther what would utilities have to do to put Congress more at ease re cyber security ... 
  • Recommend using Gunther's #GridSec preso 4 coaching security folks on thinking/speaking in language that's understandable to business folks 
  • Enernex CEO Erich Gunther kicking off #GridSec day 2. Echoing yesterday's theme of connecting security w/ safety for better business comm 
  • At #GridSec good presentation on offensive cyber security aka Active Defense. Discussing Hactivism, Cybercrime, Cyber Espionage, Cyber War 
  • Strong messages from speakers @ #GridSec on importance to move from geek speak to business speak so those C level folks get #ICSsecurity 
  • Several presentations at #GridSec are finally linking security to safety. #ICS http://www.us-cert.gov/control_systems/icsjwg/presentations/spring2010/08%20-%20Walter%20Sikora.pdf is a preso given a couple years ago 
  • #gridsec You can stop the Stuxnet artifact, but private industry does not have the means to protect against nation-state adversaries 
What was different this time? Well:
  • Without any prompting, I heard metrics, and especially business metrics mentioned quite a lot this time
    There was much discussion around control system security. In fact, one guy who attended the "Beyond AMI" panel yesterday said it was exactly because it wasn't about AMI. Duh!
  • As I said in a previous post and tweets above, linking security and safety was a common theme this time around
  • Lastly, we had more utilities here this time than ever before. Seems like a no brainer, but without their real-world, pragmatic "what works" insights, this effort wouldn't be half as worthwhile
Sad to see it come to a close, but close it always must. Re-connected with all the old folks, and met many new ones, and that was great. Didn't get to say anything like a proper good bye to folks so it looks like au revoir until October back on the west coast when we do this again. Andy
Posted by at 11:11 PM
Labels: , , , , , , , ,

GridSec in Near Real Time - A Tale of the Tweets

This must be some type of social media sin, but I 'm building this post almost entirely out of Tweets I did from yesterday's GridSec conference. In reverse chronological order, they were:
  • Attending Chris Blask's great ICS security panel. Good to see more attention to control system security at the conference this time#GridSec
  • "Beyond AMI" panel co's include Waterfall, Cisco, McAfee, GE and AlertEnterprise at #GridSec
  • At #GridSec, attempting Tweeting-while-moderating. A high wire act. But Beyond AMI panel off to good start with experts from 5 companies.
  • #GridSec Infra security panel seems to concur that appropriate info sharing is security goal #1 for next few years
  • #GridSec talk on sad topic: utilities won't report any attack that could earn them a compliance penalty, so helpful info doesn't get to help
  • In the Security Infrastructure panel, ERCOT speaker said one key focus area needs to be situational awareness. #GridSec
  • From #GridSec - linking security and safety in budget talks.
  • Rea#GridSec conf. First session is CXO perspectives with Vermont Electric's CEO David Hallquist bringing his usual candor, energy and insight
  • Tweeting from #GridSec conference this week http://bit.ly/HhIyj1

Have to keep this short for now, so only commentary I have on the above is that unless you have comprehensive situational awareness, (one speaker's suggestion), then information sharing isn't that big a priority, as you have little to share. Utilities, and any organization for that matter, have to know what's happening with their systems in order to detect, hopefully thwart, and also report this info so others can be on their guard.

Day 2 begins soon ...


Posted by at 7:07 AM
Labels: , , , ,
Subscribe to: Posts (Atom)