SANS Industrial Control Systems Security Blog: Category - NERC CIP

...But I'm a CIP Cyborg Warrior with Real Kung Fu Grip... Then Prove It!

This blog is written by Jason Christopher, SANS ICS456 instructor. Ok, sure, that's an exaggeration on the existing CIP Ninja[1] nomenclature so many of us use, but you get the point. Sometimes it's hard to make CIP exciting. Depending on your responsibilities, you may face death-by-patching updates or log reviews. You may be trapped in … Continue reading ...But I'm a CIP Cyborg Warrior with Real Kung Fu Grip... Then Prove It!


One CIP, Two CIP, Red CIP, Blue CIP

This blog was written by - Tim Conway with contributions, edits, and research from Ted Gutierrez and Kevin Perry Looking at the Ukraine cyber-attacks through the various lenses of NERC CIP Following the cyber-attacks which impacted the Ukrainian electric system on December 23, 2015 there were a number of public statements and discussions asking if … Continue reading One CIP, Two CIP, Red CIP, Blue CIP


How do you say Ground Hog Day in Ukrainian?

This post was written by Michael J. Assante, SANS ICS/SCADA Lead and Tim Conway SANS Technical Director - ICS/SCADA Programs. Around this same time last year, as many of us were preparing to enjoy our winter holidays with family and friends, exchanging gifts and eating entirely too much food, the cybersecurity community began learning of … Continue reading How do you say Ground Hog Day in Ukrainian?


Microsoft's New Patching Models will Cause Havoc for NERC Registered Entities

In May 2016, Microsoft announced a change to how updates for Windows 7 and 8.1 systems would be offered. That change made available "Monthly Rollups" that allow all previously released non-security updates to be installed in a single installation update. This week, Microsoft announced a revision to the previously reported plan in that the … Continue reading Microsoft's New Patching Models will Cause Havoc for NERC Registered Entities


NERC CIP Continues to Grow and Adapt

Today, FERC announced the approval of Order 829 directing NERC to develop a Reliability Standard addressing "supply chain risk management for industrial control system (ICS) hardware, software, and computing and networking services associated with bulk electric system operations." Imposing requirements on entities to secure the supply chain will present a significant challenge and I'm anxious … Continue reading NERC CIP Continues to Grow and Adapt