Ampyx Cyber Blog
The Intersection of Regulation & Resilience
Protocol Converters: The 2023 SAR Just Got Validated (Again)
The 2023 NERC SAR asked whether protocol converters belong inside CIP-002. A new disclosure of 22 CVEs in serial-to-Ethernet hardware, set against a decade of advisories across the category, settles the question. The categorization debate now has its empirical record, and asset owners have CIP-007 R2 and CIP-013 work to do that does not wait for the standard.
Is Something Weird Happening on Your System?
Learn how critical infrastructure operators can spot the early signs of cyber intrusions directly from the control room. Drawing on the latest NERC and CISA guidance, this updated guide details specific physical hardware, workstation, and SCADA anomalies to watch for. Empower your frontline staff with a proactive "See Something, Say Something" cyber defense strategy tailored for OT environments.
Cybersecurity Performance Goals 2.0: Governance First, Outcomes Always
CISA’s Cybersecurity Performance Goals 2.0 reshape baseline expectations for critical infrastructure. The update elevates governance, strengthens OT-specific requirements, and shifts from checklist controls to outcome-driven resilience. This Policy Pulse post breaks down what changed, why it matters, and how operators should prepare.
Building Blocks of OT Security Monitoring: A Deep Dive for SOC Builders and MSSPs
Learn how to build scalable, OT-aware security monitoring using free, open-source tools like Security Onion, Wazuh, Malcolm, and The Hive. Whether you're launching a SOC or growing your MSSP, this guide covers deployment models, costs, timelines, and training to get you started fast and smart.
Cyber Stress Testing: Strengthening Cyber Resilience in the EU Energy Sector
As cyber threats grow more complex, the EU energy sector is turning to stress testing to bolster its resilience. This post explores ENISA’s 2025 Cyber Stress Test Handbook and how it helps energy providers simulate real-world attacks, uncover vulnerabilities, and strengthen defenses in alignment with NIS2, CER, and the Cyber Solidarity Act.
The Pillars of an Effective Incident Response Plan
A strong Incident Response Plan (IRP) is more than just a document—it’s a foundation built on key elements like asset inventory, network diagrams, logging, communication strategies, backups, and clear roles. In this blog, Dan Ricci, Senior Cybersecurity Consultant at Ampyx Cyber, breaks down the critical components every IRP needs to be resilient and effective in the face of cyber incidents.
Proactive Cyber Defense: Recognizing Cyber Intrusions for Critical Infrastructure System Operators
Leveraging Guidance from the Electric & Water Sectors and Broadening for all Critical Infrastructure. In an era marked by rapid digital transformation and increasing cyber threats, it is imperative for control system operators in every critical infrastructure sector, whether electric, water and wastewater, chemical, or any other, to be well-versed in recognizing and responding to cyber intrusions.
Communication avalanche: What utilities need to think about before a nation-state cyberattack happens to them
Utilities are preparing for the technical side of a cyberattack generated by the Russia-Ukraine conflict. But there is another aspect to these attacks that can cause chaos if you’re not ready. We’ll explore that here.
Do I have to comply with the new National Security memorandum on industrial security?
Is the new National Security Memorandum on industrial security mandatory? Watch this interview with Ampere Industrial Security's Patrick Miller for answers that will help guide your next steps.
Industry brief: National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems
Recent activity from the Biden Administration represents a pivotal moment in the establishment of baseline cybersecurity standards for critical infrastructure.
The new National Security Memorandum on industrial security: What does it mean for me?
What do you need to know now that the White House has issued its National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems? Watch this interview with Ampere Industrial Security's Patrick Miller.