Ampyx Cyber Blog
The Intersection of Regulation & Resilience
Cyber-Informed Transmission Planning: Seven Pilots, CIP Leverage
NERC's April 2026 release of the Cyber-Informed Transmission Planning lessons learned captures seven 2024 pilots. None triggered a corrective action plan. The report's most consequential finding: strengthening low-impact CIP requirements is likely a more cost-effective leverage point than expanding TPL-001 to embed coordinated cyber contingencies.
Claude Mythos and the OT Threat Horizon: What Utility Operators Need to Know Now
Anthropic's Claude Mythos can autonomously discover zero-day vulnerabilities across every major OS and browser, and the same codebases run in OT/SCADA environments. This post breaks down why Mythos-class AI exploitation tools directly implicate utility operators, which NERC CIP obligations are already in play, and what actions defenders should take before the patch window closes.
New NSA UEFI Guidance: Trust Starts Before the OS
UEFI Secure Boot is widely assumed to be enabled and enforcing, yet recent vulnerabilities show how easily trust at boot time can silently fail. NSA’s new guidance breaks down how Secure Boot actually works, where configurations commonly go wrong, and how organizations can validate and recover trust in the earliest stages of system startup.
Skills Elevated: More Ways to Build Cyber Resilience
Ampyx Cyber is expanding its training portfolio with new courses designed for utilities and critical infrastructure teams. From NERC CIP Bootcamp to OT vulnerability management and ICS packet analysis, our offerings provide more ways to build cyber resilience with practical, field-tested learning.
Is SBOM the answer?
Government and industry experts have recently pointed to software bill of materials (SBOM) as a requirement for organizations, but what are you getting? David Foose spends some time exploring aspects of SBOM fever.
48 hours to compromise: why your shields need to stay up
Brand new industrial security researchers find a zero day in an industrial device just 48 hours. If they can find it, so can attackers. Here's what that means for your security program.
What is an SBOM and how can it help?
An SBOM is a software bill of materials and it can be a crucial tool in critical infrastructure cybersecurity. In this video, Ampere's Patrick C. Miller talks about how it works.