The energy sector is the cornerstone of modern infrastructure, powering essential services and supporting the daily operations of economies worldwide. However, it also faces unique cybersecurity challenges, particularly in complying with the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) standards. Cyber threats keep growing in sophistication and frequency and the sector's critical assets—such as power grids, pipelines, and renewable energy networks—face unprecedented risk. The implications of a cyberattack on these systems extend far beyond...
Author: Michael Betti
Cybersecurity threats to manufacturing and process plants come from a wide range of attack vectors, including supply chain, logistics, enterprise computing, remote connections, operator stations, programmable logic controllers, distributed control systems (DCSs), smart sensors, and new smart devices. Internet of Things (IoT) technologies offer greater connectivity and endless applications, but they make the cybersecurity landscape more complex. Several affected industries have greatly improved their defence posture, primarily thanks to governmental regulatory compliance requirements. Most...
In recent years, the security of the United States' critical infrastructure has become a pressing concern, particularly in the oil and gas sector, due to its pivotal role in the nation's economy and energy supply. Recognizing this, the Transportation Security Administration (TSA) implements several new directives in July each year aimed at enhancing the security and resilience of vital energy infrastructure against various threats, including cyber-attacks and physical disruptions. The TSA was founded in 2001 following 9/11, and initially focused on aviation security. However, it later...
If you’ve been keeping up with the Payment Card Industry Data Security Standard (PCI DSS), you’ll know it has a new specification that revolves around network security controls. Let’s dig into the details. A Little Back Story It helps to level-set for anyone who might be coming into this from a non-technical role. We all know PCI DSS ( v4.0) is the payment card industry’s compliance standard for protecting our sensitive cardholder data (from names and credit card numbers to addresses and SSNs). Part of protecting this information (as opposed to the swaths of other data major card companies...
Security configurations are an often ignored but essential factor in any organization’s security posture: any tool, program, or solution can be vulnerable to cyberattacks or other security incidents if the settings are not configured correctly. Staying on top of all of these security configurations can be a daunting responsibility for security or IT teams to focus on, which is where security configuration management (SCM) comes in. While SCM can be a valuable tool for organizations across all sectors, it is particularly helpful for critical organizations required to comply with certain...
The number of endpoints in an organization often exceeds the number of employees. Managing these often disparate entities is more than a full-time job. Moreover, keeping them secure is equally difficult, yet securing all of your endpoints against cyber threats has become paramount for organizations worldwide. A common oversight that undermines these security efforts is the misconception about data volume versus the necessity for comprehensive data collection. Endpoint security does not need to be an insurmountable task. Fortra's Tripwire Axon agent revolutionizes endpoint security by ensuring...
Many of the breaches of the past ten years have taken advantage of weak or nonexistent security settings. Conversely, for example, companies that configured their Docker application to the CIS recommended security settings for container users and privileges were not as vulnerable to container escape exploits. Arguably, a configuration change prevented many breaches. Security configuration management can make a huge difference in reducing an organization’s vulnerability. As stated in a previous post : “As a multi-faceted topic, hardening may overwhelm organizations when designing or amending...
At the recent Tripwire Energy and NERC Compliance Working Group, we held a session to demonstrate some tips and tricks to make the latest Tripwire State Analyzer (TSA) work better for your organization. The newest State Analyzer version is 1.5.2, which offers features that align it with most of the latest systems and practices. It also includes improvements with its integration with Tripwire Enterprise (TE). Active Directory Integration and Assessment Results Tripwire State Analyzer manages Allowlists and then takes the managed allowlist data and compares those lists to the actual data...
Electric grids are part of every nation’s critical infrastructure. Every societal activity and business depends on reliable and safe electricity distribution. The US electric grid is a huge network of powerlines, distribution hubs, and renewable and non-renewable energy generators that is increasingly exposed to cyber-physical risks due to the accelerated reliance on cyber-enabled systems and IoT-connected devices, such as smart meters. The North American Electric Reliability Corporation (NERC) is the organization behind ensuring the security and reliability of electric grids, and the NERC...
In July 2021, the White House established a voluntary initiative for industrial control systems (ICS) to promote cooperation between the critical infrastructure community and the federal government. The fundamental purpose of the initiative was “to defend the nation’s critical infrastructure community by encouraging and facilitating the deployment of technologies and systems that provide threat visibility, indications, detection, and warnings” to enable effective responses in industrial businesses against evolving cybersecurity threats. The memo further elaborated that “we cannot address...