Ampyx Cyber Blog
The Intersection of Regulation & Resilience
Four Years In: What NERC’s Cyber Security Incident Reporting Data Tells Us (and What It Doesn’t)
In the world of Bulk Electric System (BES) cybersecurity, signals of risk don’t always arrive with alarms blaring or malware lighting up dashboards. Sometimes, the signs are quieter—brute force login failures, odd port scans, or a sudden spike in account lockouts. The annual CIP-008-6 report, filed March 21, 2025 by NERC, shines a small but telling light on just such signals.
Communication avalanche: What utilities need to think about before a nation-state cyberattack happens to them
Utilities are preparing for the technical side of a cyberattack generated by the Russia-Ukraine conflict. But there is another aspect to these attacks that can cause chaos if you’re not ready. We’ll explore that here.
How it started, where it's going: 20 years of NERC CIP
Two key people who helped start NERC CIP 20 years ago talk about how and why it came together, and where it could go next. Patrick C. Miller, one of the first NERC CIP auditors in the country, and Earl Shockley, a former leader at NERC, talk about this momentous regulation that changed the electric sector cybersecurity landscape forever.
Ask An Expert
GOT A TOUGH QUESTION?
Sometimes you just need to phone a friend. Ask us anything, any time. You don’t need to be an existing or prospective client. No cost, no hassle and no commitment. We will not put you on a contact list and our sales team won’t harass you. We will always respect your privacy. We promise. Just real answers from real experts for real problems.