Guestpost

The latest guest post from the ICS Cyber Security blog on the SeConSys blog: Az ipari szervezetek egyre nagyobb hányada tapasztal kiberbiztonsági incidenseket – ICS Cyber Security blog Translated by DeepL

FOCUS

1 July Az NSA-CISA-NCSC-FBI közös ajánlása a GRU brute force jellegű tevékenységével kapcsolatban: NSA-CISA-NCSC-FBI Joint Cybersecurity Advisory on Russian GRU Brute Force Campaign | CISA Webinar Smart Grids Forum | IEC 61850 Week 2021 – EE-ISAC – European Energy – Information Sharing & Analysis Centre Translated by DeepL

FOCUS

25 June NIST has published a definition of critical software in conjunction with EO 14028 (Presidential Executive Order on Improving the Nation’s Cybersecurity). Developments related to the EO could have implications far beyond the US: Critical Software | NIST Definition of Critical Software Under Executive Order (EO) 14028 (nist.gov) 29 June This year’s Dragos knowledge …

FOCUS Read More »

FOCUS

25 June Not without lessons learned, an initiative (Cyber Sense programme) supported by both the Democratic and Conservative parties to voluntarily test the cybersecurity of products and technologies to be installed in the transmission network: U.S. Senate bill will enforce security testing of technologies used in bulk power systems – Industrial Cyber Translated by DeepL

Guestpost

The latest guest posts from the ICS Cyber Security blog on the SeConSys blog: Kibertámadás érte a Dél-koreai Nukleáris Kutatóközpontot – ICS Cyber Security blog Az orosz-amerikai elnöki csúcstalálkozó lehetséges hatásai a kritikus infrastruktúrák kiberbiztonságára – ICS Cyber Security blog Translated by DeepL

Supply chain threat: developments in a ill-fated executive order

On 1 May last year, the US issued an Executive Order (E.O. 13920, hereafter EO) declaring an energy emergency due to supply chain threats to the US electricity system. The EO established a number of responsibilities for government agencies, but especially for owners and operators of energy utilities. Unsurprisingly, the EO was received with considerable …

Supply chain threat: developments in a ill-fated executive order Read More »

FOCUS

23 June For the attention of critical infrastructure managers! MITRE releases D3FEND framework as a complement to its existing ATT&CK structure – Industrial Cyber D3FEND Matrix | MITRE D3FEND™ 23 June The percentage of attacks against OT systems via USB devices is increasing: USB removable media still acts as an initial attack vector in OT …

FOCUS Read More »

FOCUS

20 June It seems that, after a serious slap in the face, an exemplary public-private partnership (DOE and Dragos) in the US could provide a framework for meaningful information sharing: Info-sharing pact to help electric utilities comply with DOE’s 100-day plan (scmagazine.com) 21 June It has now emerged that there was an incident at another …

FOCUS Read More »

FOCUS

20 June The CISCO zero trust approach: Zero-trust approach for industrial networks – Industrial Cyber 21 June An exemplary DOE initiative for students: Calling the Next Generation of Cyber Defenders | Department of Energy Adventure Benefit Flyer (energy.gov)