Ampyx Cyber Blog
The Intersection of Regulation & Resilience
NERC Initiates Data Collection on INSM for Low Impact CIP Assets
NERC has initiated the Internal Network Security Monitoring (INSM) Data Request in response to a directive from FERC. This effort aims to gather data on the risks of not implementing INSM in medium and low impact BES Cyber Systems. NERC is collecting information from utilities in the electric power industry regarding facility numbers, network configurations, malicious code detection, implementation challenges, and alternative solutions. The data must be submitted by July 25, 2023.
New Low Impact NERC CIP-003-9 Regulations: Vendor Supply Chain Security
On March 16 2023, FERC issued a new Order approving NERC CIP-003-9 introducing new requirements for vendor electronic remote access security controls to low impact BES Cyber Systems. These new security controls are intended to allow detection and the ability to disable vendor remote access in the event of a known or suspected malicious communication.
New cybersecurity controls for vendor access to low impact NERC CIP assets
FERC has approved new cybersecurity standards to improve risk management practices and supply chain risk management for low impact assets. The new standards, designated CIP-003-9, require utilities to establish and maintain a documented supply chain cyber risk management plan and implement vendor-focused cybersecurity protections for their low impact BES Cyber Systems.
Securing Control Center communications is more than encryption
While encryption meets the security objective of CIP-012, entities can utilize additional security controls to provide a defense in depth approach and in some cases utilize controls other than encryption.
The new National Cybersecurity Strategy: what does it mean for you?
The White House issued its new National Cybersecurity Strategy on Thursday, laying out its plan for securing the country from cyberattacks. Patrick C. Miller answers questions about the strategy and how it could impact you.
Is SBOM the answer?
Government and industry experts have recently pointed to software bill of materials (SBOM) as a requirement for organizations, but what are you getting? David Foose spends some time exploring aspects of SBOM fever.
S4x23 Trip Report
This year, the S4 event hosted by Dale Peterson (DigitalBond) was bigger than ever. New venue, new content, new challenges, new theme, and a new feel. Here’s a report of my experience with some bad, some good and some great things that happened.
A former vendor's take on CIP-013 Supply Chain Risk Management
David Foose, a former vendor, takes us on a brief walk through the history and the justifications Supply Chain Security and the birth of NERC CIP 13. With this, we explore what might have been and where it may have unfortunately veered off into constant contract negotiation entities find themselves today.
Alexa, can you tell me when my grid is hacked?
A new addition to the NERC CIP regulation is coming for the electric sector requiring anomaly detection and internal network security monitoring to detect active attacks on critical systems.
48 hours to compromise: why your shields need to stay up
Brand new industrial security researchers find a zero day in an industrial device just 48 hours. If they can find it, so can attackers. Here's what that means for your security program.
The importance of network segmentation for critical infrastructure
Network Segmentation - creating specialized, highly-protected network segments for critical systems - can provide necessary isolation and defense against ransomware and other attacks on critical infrastructure.
Internal network security monitoring for visibility
Internal Network Security Monitoring (INSM) - visibility into what’s happening on your internal OT/ICS networks - is showing up in important places like the National Security Memorandum, CISA guidance and FERC rulemaking notices.
There is a better way to do this: why critical infrastructure cybersecurity regulations are heading in the wrong direction
I helped write and establish the NERC CIP regulations. But now I want change. There is a way to save time, money and headaches while actually improving security for critical infrastructure.
Communication avalanche: What utilities need to think about before a nation-state cyberattack happens to them
Utilities are preparing for the technical side of a cyberattack generated by the Russia-Ukraine conflict. But there is another aspect to these attacks that can cause chaos if you’re not ready. We’ll explore that here.
20 years of NERC CIP - What's next?
Two industry veterans who cultivated NERC CIP over the past 20 years discuss how it all started, and what’s next for electric power industry security regulations. Patrick C. Miller, one of the first NERC CIP auditors in the country, and Carter Manucy, a utility IT/OT Security Director, talk about the regulation that changed the electric sector cybersecurity landscape forever.
How it started, where it's going: 20 years of NERC CIP
Two key people who helped start NERC CIP 20 years ago talk about how and why it came together, and where it could go next. Patrick C. Miller, one of the first NERC CIP auditors in the country, and Earl Shockley, a former leader at NERC, talk about this momentous regulation that changed the electric sector cybersecurity landscape forever.
Should the water sector follow the cybersecurity path of NERC CIP?
Water is essential for life – in so many ways. It’s so essential, we should do whatever is necessary to have a safe, reliable, and secure water/wastewater system, right? But from what I have seen both personally and in many public reports, we’re far from it. So, what is necessary to secure the water sector in the US?
What is an SBOM and how can it help?
An SBOM is a software bill of materials and it can be a crucial tool in critical infrastructure cybersecurity. In this video, Ampere's Patrick C. Miller talks about how it works.
What's next for industrial supply chain security?
Critical infrastructure needs to focus on supply chain security. Watch this interview with Ampere's Patrick C. Miller about what is next and how to prepare.
Do I have to comply with the new National Security memorandum on industrial security?
Is the new National Security Memorandum on industrial security mandatory? Watch this interview with Ampere Industrial Security's Patrick Miller for answers that will help guide your next steps.