November 2013

ISA Recognizes Eric Byres for Leadership in SCADA Security

Today I am glad to be writing about a good news story. That story is that Belden's Eric Byres is being awarded the ISA (International Society of Automation) Excellence in Leadership award for his contributions to the automation industry in the area of industrial security.

This award must be particularly exciting for Eric because it is ISA's most prestigious award and is awarded by his peers, that is, members of ISA.

ISA President Terrence G. Ives remarked:

DNP3 Vulnerabilities Part 1 of 2 - NERC’s Electronic Security Perimeter is Swiss Cheese

If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way.

DNP3 Vulnerabilities Part 2 of 2 – Why DPI Firewalls Might be Industry’s Only Hope

In last week’s Practical SCADA Security blog, I discussed how the new vulnerabilities discovered in DNP3 SCADA masters are carving big holes in the NERC’s concept of the Electronic Security Perimeter (ESP).

The NIST Cybersecurity Framework - What is it and what does it mean to you?

You may have heard some buzz in the press (both US and International) about the release of the Cybersecurity Framework Draft from the US National Institute of Standards and Technology (NIST). However, you may not know much about its background. And you probably don’t know what it may mean to you as a control or security professional. This blog post will give you a high level overview of the genesis of this document and some handy points of reference.