• IEEE PES - PSRC Insights

  Category:

• On Vulnerability Disclosure

  Category:

• Calling All White Hats! Hack This!

  Category:

Blog

• Monday, September 15, 2008

  IEEE PES - PSRC Insights

  I had the opportunity this week to sit in on several IEEE PES working group meetings while attending the Power System Relaying Committee meeting here in Vancouver, Canada. I attended sessions on the reliability of networked devices and network infrastructure in power substations, and on architectures for SCADA security. I have a couple of impressions based on what was discussed: There is quite a bit of uncertainty in the industry around security issues. For some operators, not seeing a clear direction for security measures in order to meet NERC-CIP has led them to disable some communications channels rather than try ...

  Read full story

  Author: Roderick Locke

  Category: Security Events  Cyber Security Awareness  Achilles Platform  Industry Standards and Orgs 

• Sunday, September 07, 2008

  On Vulnerability Disclosure

  This year’s PCSF saw many productive discussions on the topic of responsible vulnerability disclosure (big hat tip to Zach and Mike who managed to keep the conversations from reducing to a bun fight). I want to take a moment to further detail a few of my own opinions on this subject matter. Let me begin with a somewhat pragmatic definition of device vulnerabilities: Device Vulnerabilities (I wonder if this is where Tipping Point’s DVlabs name stemmed from) can be thought of as software, hardware, or requirements artifacts that may be utilized to violate the explicit or implied operational characteristics of ...

  Read full story

  Author: Nate Kube

  Category: Device Testing  Cyber Security Awareness  Vulnerability Disclosure  Industry Standards and Orgs 

• Wednesday, September 03, 2008

  Calling All White Hats! Hack This!

  Who doesn’t like a good challenge? Especially when it can lead to bragging rights… or better yet, a career with a growing company that not only compensates for your skills and talents but offers tremendous upside potential, not to mention a rewarding career… Introducing our “Hack This” challenge, which is the first in a series of different challenges, games, and assessment tools we’ll have on our website to test your skills (in hacking, coding, logic, assessments… in short, all things related to industrial cyber-security, cyber-risk and compliance) and get on our radar! We’re always on the lookout for the next ...

  Read full story

  Author: Steve Kim

  Category: Wurldtech  Cyber Security Awareness