The North American Electric Reliability Corp. (NERC) imposed its stiffest fine to date for violations of Critical Infrastructure Protection (CIP) regulations, citing scores of violations. But who violated the standards and much of what the agency found remains secret.
Tag: critical infrastructure
In this episode of The Security Ledger podcast (#128): you’re going to hear a lot from the annual Consumer Electronics Show (CES) out in Las Vegas this week, but are any of the new gadgets being released secure? And do security and privacy have a seat at the table at the world’s largest electronics event? We sit down with IoT luminary and influencer Stacey Higginbotham of the Internet of Things podcast and the StaceyonIoT blog to find out.
Let’s be clear: the natural gas explosions that rocked the Merrimack Valley north of Boston in September weren’t the result of a cyber attack. Unfortunately: well known vulnerabilities affecting the security of remote sensors and industrial control system software mean they easily could have been.
In this spotlight edition* of The Security Ledger Podcast, Steve Hanna of Infineon joins us to talk about the growing risk of cyber attacks on industrial systems and critical infrastructure. “Industry 4.0” is poised to transform the global economy, Hanna said, but not if the issue of cyber risk can’t be managed. We talk about how that might be done and the need for strong identity and hardware based roots of trust!
Security researchers have uncovered a three-year cyber attack on a Russian oil company that appeared at first glance to be state-sponsored, but later was found to be the work of cyber criminals seeking financial gain. The discovery is a cautionary tale for security experts not to be too rash when when drawing conclusions about high-profile cyber attacks.