1 July Az NSA-CISA-NCSC-FBI közös ajánlása a GRU brute force jellegű tevékenységével kapcsolatban: NSA-CISA-NCSC-FBI Joint Cybersecurity Advisory on Russian GRU Brute Force Campaign | CISA Webinar Smart Grids Forum | IEC 61850 Week 2021 – EE-ISAC – European Energy – Information Sharing & Analysis Centre Translated by DeepL
One of the links in the 28 June guest post was to a post on the ICS cyber security blog published here on 26 June. In it, the author described the cybersecurity-related developments of the Biden-Putin summit of 16 June and assessed their potential impact, with some undisguised scepticism. The news tsunami surrounding the summit …
25 June NIST has published a definition of critical software in conjunction with EO 14028 (Presidential Executive Order on Improving the Nation’s Cybersecurity). Developments related to the EO could have implications far beyond the US: Critical Software | NIST Definition of Critical Software Under Executive Order (EO) 14028 (nist.gov) 29 June This year’s Dragos knowledge …
25 June Not without lessons learned, an initiative (Cyber Sense programme) supported by both the Democratic and Conservative parties to voluntarily test the cybersecurity of products and technologies to be installed in the transmission network: U.S. Senate bill will enforce security testing of technologies used in bulk power systems – Industrial Cyber Translated by DeepL
The latest guest posts from the ICS Cyber Security blog on the SeConSys blog: Kibertámadás érte a Dél-koreai Nukleáris Kutatóközpontot – ICS Cyber Security blog Az orosz-amerikai elnöki csúcstalálkozó lehetséges hatásai a kritikus infrastruktúrák kiberbiztonságára – ICS Cyber Security blog Translated by DeepL
On 1 May last year, the US issued an Executive Order (E.O. 13920, hereafter EO) declaring an energy emergency due to supply chain threats to the US electricity system. The EO established a number of responsibilities for government agencies, but especially for owners and operators of energy utilities. Unsurprisingly, the EO was received with considerable …
Supply chain threat: developments in a ill-fated executive order Read More »
23 June For the attention of critical infrastructure managers! MITRE releases D3FEND framework as a complement to its existing ATT&CK structure – Industrial Cyber D3FEND Matrix | MITRE D3FEND™ 23 June The percentage of attacks against OT systems via USB devices is increasing: USB removable media still acts as an initial attack vector in OT …
20 June It seems that, after a serious slap in the face, an exemplary public-private partnership (DOE and Dragos) in the US could provide a framework for meaningful information sharing: Info-sharing pact to help electric utilities comply with DOE’s 100-day plan (scmagazine.com) 21 June It has now emerged that there was an incident at another …
20 June The CISCO zero trust approach: Zero-trust approach for industrial networks – Industrial Cyber 21 June An exemplary DOE initiative for students: Calling the Next Generation of Cyber Defenders | Department of Energy Adventure Benefit Flyer (energy.gov)
In previous posts (here and here), we discussed the Executive Order of 12 May and the CSIS event on it. The guest was Anne Neuberger, Deputy National Security Advisor for Cyber and New Technologies. The experts were generally supportive of what was said. Some of their main thoughts: On the one hand, the US government …
