SANS Industrial Control Systems Security Blog: Tag - E-ISAC

Ukrainian Grid Attack: How NERC CIP-like Measures Might Have Helped

With the recent release of the E-ISAC and SANS ICS Defense Use Case (DUC) #5 which analyzed the cyber-attack that impacted Ukraine on December 23, 2015, I wondered how NERC CIP might have helped. I want to preface this analysis with acknowledgement that the Ukrainian event was wholly contained at the distribution level of their … Continue reading Ukrainian Grid Attack: How NERC CIP-like Measures Might Have Helped


ES-ISAC Changes Require Plan Updates

Did you hear about the NERC registered entity that got a PV for failing to update the Cyber Security Incident response plan within thirty calendar days of a change? How about the registered entity that got a PV because they didn't notify the ES-ISAC of a Reportable Cyber Security Incident? Well if you don't act … Continue reading ES-ISAC Changes Require Plan Updates