-
Wednesday, September 30, 2009
Tyler Williams To Discuss Smart Grid Cyber Security In China
As the demand for AMI solutions grows throughout the electric power industry worldwide, China seems to be taking a slightly more cautious approach than many in North America - who have been largely driven by the powerful combination of compelling economics and government stimulus funding - and starting with a clear strategy that deals with standardizing security and interoperability testing before approving massive installations that may cause significant issues down the road. This has long been our position and message to the industrial cyber security community and we are glad to see China weighing-in with what we consider to be ...
Read full story
-
Wednesday, May 27, 2009
Wurldtech Discusses Smart Grid Security at ConnectivityWeek & UTC Telcom
Wurldtech’s CEO, Tyler Williams, will be on the road for the next few weeks presenting at two high-profile industry conferences where Smart Grid security will be the primary focus. UTC Telecom 2009
At UTC, Mr. Williams will be delivering a presentation called “From FUD to Fact: Simple solutions to improve the security & robustness of Smart Grid infrastructure.” This will be held (6/3; 9:15 a.m. – 19:30 a.m.). With all the attention lately in the media surrounding cyber terrorism and the vulnerabilities found on the networks that control and manage global critical services such as power, energy, transportation and telecommunications, ...
Read full story
-
Monday, December 15, 2008
The Answer – One More Than You Have
I attended the West Coast Security Forum (WCSF) during the first week of December and I must share with you a major advancement in my understanding of layered defense strategies. I have attended many conferences and I am always looking for that nugget of truth that I can walk away with and apply to my work. Well, the WCSF did not let me down. From an anonymous voice in the crowd I heard that sage advice that we all seek. I asked the audience when using a layered defense strategy, how many layers of defense are enough? The first response ...
Read full story
-
Monday, December 15, 2008
Critical Infrastructure Protection and the Vancouver Olympics
Reportedly, security for the 2002 Salt Lake City games cost $1.3 billion, the 2004 Athens games were $1.5 billion, and the estimated cost for the 2012 London games is probably going over the $2 billion dollar mark. So, it shouldn’t be a surprise that security for the Vancouver Olympic games may approach or exceed $1 billion.
However, in all the above security budget increases, how much attention was or is being paid to keeping the lights on? What about keeping the oil and natural gas flowing? What about the water supply?
The common thread in these critical infrastructure issues are ...
Read full story
-
Monday, September 15, 2008
IEEE PES - PSRC Insights
I had the opportunity this week to sit in on several IEEE PES working group meetings while attending the Power System Relaying Committee meeting here in Vancouver, Canada.
I attended sessions on the reliability of networked devices and network infrastructure in power substations, and on architectures for SCADA security. I have a couple of impressions based on what was discussed:
There is quite a bit of uncertainty in the industry around security issues. For some operators, not seeing a clear direction for security measures in order to meet NERC-CIP has led them to disable some communications channels rather than try ...
Read full story
-
Monday, July 14, 2008
Wurldtech’s Expert Selected To Visit Capital Hill As Trusted Industrial Cyber Security Advisor
As some may have previously noted, I was able to participate in the Automation Federation’s first annual fly-in to Washington DC in May of 2008. The meeting was a sound success, with a number of follow-up’s scheduled as a result of our meetings. The first of these follow-up’s came last week as a sub-team comprised of Ernic Rakacszky from Invensys, Eric Cosman from Dow, Johan Nye from Exxon Mobile, Michael Marlowe from the Automation Federation, and myself.
During this visit, we specifically came back to meet with staffers from several senator’s that are looking into the issues of cyber security ...
Read full story
-
Friday, April 11, 2008
Friday’s Note: Industrial Cyber Security Threats Are Real
Yesterday (April 10, 2008), the Sound OFF! blog mentioned an article, “Industrial Control Systems Killed Once and Will Again, Experts Warn”, written by Ryan Singel from the WIRED Blog Network (April 9, 2008). Unfortunately, a past cyber incident has now been linked to a fatality. The incident in question is the tragic rupture of a pipline which spilled 237,000 gallons of gasoline into two creeks near Bellingham, Washington. The gas ignited and killed three, injuring eight others.
A recent re-examination by security experts into this tragedy has revealed this incident was due to a control system computer issue. The finding ...
Read full story
-
Friday, March 28, 2008
Friday Note: Hackers Unite - CanSecWest 2008
Mikko Varpiola from Codenomicon and our very own Dr. Nate Kube are taking the stage at CanSecWest 2008. Their presentation, Fuzzing WTF? What Fuzzing Was, Is, and Never Will Be, is sure to spur additional debate on this topic! For those of you in attendance, I hope you get the chance to catch their presentation.
As one of the foremost security and hacker conferences in Canada, it’s great to see all the major players congregate in our fine city. One side note: it also helps us to find and interact with the best talent in the security/hacker industry, so if ...
Read full story
-
Thursday, March 20, 2008
Wurldtech on the road; catch our latest presentations at upcoming events
In an effort to keep everyone informed on our latest speaking engagements, here is a list of upcoming conferences and topics. I encourage you to check out the conference links to learn more about the agendas and highlights, as there are a number of well recognized industry thought-leaders scheduled to appear at each event. Event: CanSecWest 2008 (http://www.cansecwest.com) Date: March 26 to March 28, 2008
Location: Marriott Renaissance Harbourside, Vancouver, BC
Topic: Fuzzing WTF: What Fuzzing Was, Is and Never Will Be
Presenter: Dr. Nate Kube, CTO, Wurldtech Security Technologies, Inc.
Presenter: Mikko Varpiola, Founder and Security & ...
Read full story
-
Thursday, January 24, 2008
Safety SIL and Security
As mentioned in a previous post, Dr Nate Kube and myself recently created a paper for the Digital Bond S4 conference in Miami on Security Assurance Levels. Our approach was to look at SIL and compare where the various strengths of SIL versus SAL exist. In short, we found that significant overlap does exist, but there are a number of key areas that require additional attention. Rather than re-write the whole paper here, please email skim@wurldtech.com to get your copy.
Read full story