Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.
I have decided to discontinue my participation in the SecurityWeek ICS Cyber Security Conference. I will continue to participate in control system and ICS cyber security conferences, my Managing Directorship of ISA99, the blogsite at www.controlglobal.com/unfettered , and my focus on instrumentation and control system cyber security, reliability, and safety.
I gave a presentation at the ISA Water/Wastewater Conference August 9th in Bethesda. As with the other conferences I have attended, the other cyber security presentations were on the network which is necessary, but not sufficient.
Addressing the cyber security of the sensors, not the Ethernet packets, has not been addressed by any industrial or DOD cyber security or safety standard. Monitoring of the electrical characteristics can’t prevent sensor integrity issues (hacking or unintentional impacts) but can identify changes which is more than we can do today.
I will be speaking August 9th at the ISA Water/Wastewater Conference in the cyber security track in Bethesda - http://isawwsymposium.com/program/program-schedule/. Like other conferences, I will be the only one speaking on sensors, not networks.
A US utility was compromised. The IP address and credentials for the cyber asset were posted on a Russian-based media site, and the cyber asset was subsequently infected with ransomware. The NERC CIP standards do not adequately address this problem.
Renewable resources are good for the environment and reduce consumer costs but they are not a panacea to reducing electric grid cyber threats as utility-scale solar facilities can utilize hundreds of thousands of solar panels with little to no cyber security.