SANS Industrial Control Systems Security Blog

4 Takeaways from the F&S CNI Cyber Security Report

The Frost & Sullivan research report on the global critical national infrastructure (CNI) cyber security market, coming out on the eve of the SANS European ICS Security Summit, highlights a number of key trends in this increasingly important field.


The GICSP: A Keystone Certification

There's a new whitepaper available in the SANS ICS Library, on the history and development of the premier ICS security certification, the GICSP. Contents cover why and how the GICSP was developed, how it differs from other ICS security credentials, and where the GICSP Steering Committee plans on taking it in the future. The SteerCom … Continue reading The GICSP: A Keystone Certification


Brief History of Cyber Attacks

This post was written by Michael J. Assante, SANS ICS Director The history of cyber attacks is nearly as long and as brief as the history of interconnected digital technology. The concept of self-replicating or propagating programs was envisioned in the 70s and 80s. The first PC virus, called the Brain, was created in Pakistan … Continue reading Brief History of Cyber Attacks


Microsoft's New Patching Models will Cause Havoc for NERC Registered Entities

In May 2016, Microsoft announced a change to how updates for Windows 7 and 8.1 systems would be offered. That change made available "Monthly Rollups" that allow all previously released non-security updates to be installed in a single installation update. This week, Microsoft announced a revision to the previously reported plan in that the … Continue reading Microsoft's New Patching Models will Cause Havoc for NERC Registered Entities


NERC CIP Continues to Grow and Adapt

Today, FERC announced the approval of Order 829 directing NERC to develop a Reliability Standard addressing "supply chain risk management for industrial control system (ICS) hardware, software, and computing and networking services associated with bulk electric system operations." Imposing requirements on entities to secure the supply chain will present a significant challenge and I'm anxious … Continue reading NERC CIP Continues to Grow and Adapt