cyber-security

tech, circle, technology-5090539.jpg

NEI 08-09 Rev. 6 Addendum 1 Markup

Nuclear power plants (NPPs) in the US who follow the NEI 08-09 Guidance must adopt Addendum 1 Markup in their Cyber Security Plans. We’ve released an update for it in our Cyberwiz-Pro application for nuclear cyber security management. The addendum is a revision to the NEI 08-09 Rev 6, mainly affecting Appendix A, D & …

NEI 08-09 Rev. 6 Addendum 1 Markup Read More »

industry, industry 4, web-2630319.jpg

NERC CIP-010 Configuration Baseline Management—Need for Automation

The task of baselining asset configurations and managing changes on that baseline can be difficult and labor intensive, especially when multiple sites and silos of information are involved. Using spreadsheets may work temporarily, but it is not sustainable by any means; it is error-prone and may expose the facility to additional risks. Using homegrown applications …

NERC CIP-010 Configuration Baseline Management—Need for Automation Read More »

A Business Case for a NERC CIP V5 Automation Product

As the April 2016 deadline for NERC CIP V5 compliance approaches, I hear “we’re too far down the road to get a product,” or “we can’t afford a product now, we’ll look later.”  At the same time I also hear “there’s no doubt that to repeat and sustain our NERC CIP compliance program, we’ll need …

A Business Case for a NERC CIP V5 Automation Product Read More »

“Doing” Compliance Versus Being Secure – Integrate security & compliance activities

Compliance standards and programs such as NERC CIP V5 are created to improve the overall security of critical infrastructure.  However, much of the time, companies do as little as possible and seem to scramble to create the compliance program at the last possible moment.  To get the most out of compliance efforts and to improve …

“Doing” Compliance Versus Being Secure – Integrate security & compliance activities Read More »

network, networking, web-4636686.jpg

SECURITY ASSESSMENT OF FOREIGN MADE COMPONENTS

Protecting your Cyber Assets Foreign – Cyber Risk One of the biggest sources of cyber risk is foreign-made computer components with digital assets. It makes it easier to launch cyber attacks on U.S. companies and consumers, and this threat is not easy to detect.  For example, the Stuxnet that crippled the Iranian nuclear plant was …

SECURITY ASSESSMENT OF FOREIGN MADE COMPONENTS Read More »

A Gold Standard? Is the Government Capable of Creating Gold Standard for Critical Infrastructure Protection? Really?

NUCLEAR and NERC/CIP CYBER SECURITY COMPLIANCE TOOLS AVAILABLE I read an article in the Washington Post recently about Congress giving the Department of Homeland Security a lot more authority on cyber security protection of critical infrastructure.  The level of urgency and effort shown by the government is legitimate but the question is, does it have …

A Gold Standard? Is the Government Capable of Creating Gold Standard for Critical Infrastructure Protection? Really? Read More »

background, circuit, grey-2426328.jpg

Cyber Security Life-Cycle Management Tool Successfully Installed

I am really glad to report that three of our nuclear power plant CyberWiz-Pro™ licensees are making good progress implementing the tool. They have successfully completed Phase I validation testing, including setting up of their CDA databases, security plans, CSAT teams and more. And, Phase II validation testing is currently going on smoothly.  These STARS …

Cyber Security Life-Cycle Management Tool Successfully Installed Read More »

industry, industry 4, web-2630319.jpg

Wiznucleus Product Suite announced

Wiznucleus Announces New IT Platform For Nuclear Plants Platform will reduce plants’ operational and licensing risks by more than 50% New York City-based Wiznucleus, a provider of next-generation technology solutions to the energy industry, has announced that it has developed an advanced information technology platform that will help nuclear power plants operate more effectively, and …

Wiznucleus Product Suite announced Read More »