Blogs

So you think Bob Adamski's nightmare is wrong? Read on!

Bob Adamski, Invensys' SIS guru, has been talking about the hacking of process safety systems for several years now. I think he's right, but we appear to be in a minority. Bob gave me his nightmare about how this could be done several years ago, and I've had it for a...

Ok, what's it going to take, friends?

Well, we've had another Sarbanes-Oxley event. This time, a plant called T2 Labs in Jacksonville, Fla. suffered an explosion which killed at least three persons and sent at least fourteen to area hospitals. See the report here: http://edition.cnn.com/2007/US/12/19/florida.explosion/index.html It is simply too early to determine the cause of the explosion...

Does SANS bite?

Sorry, I couldn't resist the pun. Joe Weiss posted on Unfettered this morning a clip from the blog, SANS Bites. In it he takes issue with the editor of SANS Bites' self-serving, and industry-serving statements about how nobly the industry is trying to achieve cybersecurity nirvana. What rot.

It's only a matter of time for the power industry...

Transpara has just announced version 3.0 of Visual KPI. In the press release, reproduced below, they note that AEP is now implementing Visual KPI. Transpara also noted that one of the uses of Visual KPI is Sarbanes-Oxley compliance.

OK, I can't stand it...this ticks me off!

I'm on vacation, but I'm not dead... This was in The Scotsman today. The explosion that destroyed the ICL plastics plant in Glasgow Scotland on 11 May 2004 was caused by an LPG line that leaked into a basement that was being used as a storage locker by a contractor,...

Talking to the Corner Office

This morning, I was supposed to give a speech at the RealtimeACS Cybersecurity Conference in Knoxville, Tenn. I couldn't make it, so I sent a video of the speech to Joe Weiss on a DVD. Katherine Bonfante, our Digital Managing Editor, has posted the speech at:  http://www.controlglobal.com/articles/2007/266.html For those of...

And now another cyber security suite entrant...patented, no less!

INDUSTRIAL DEFENDER AWARDED PATENT FOR

More SOX trouble for utilities?

Thanks to Bob Landman of HL Instruments for posting about this on the SCADA list: July 12, VNUNet "” Utility firms sitting on hacking time bomb. Utility companies could be facing a hacking time bomb owing to poor security measures. As more utilitie...

Joe Weiss reports on NERC CIP and Electric Utility Safety

How Secure are the Electric Utilities if They Implement the NERC CIP Standards? The NERC CIP standards were developed in a consensus fashion with representation from the smallest to the largest utility organizations. In order to obtain consensus, the NERC CIP standards are ambiguous and at best provide a "minimum bar".

Joe Weiss asks: Does Sarbanes-Oxley apply to control systems?

Does Sarbanes-Oxley apply to Control Systems?The Sarbanes-Oxley Act of 2002 (often shortened to SOX) is legislation enacted in response to the high-profile Enron and WorldCom financial scandals to protect shareholders and the general public from accounting errors a...