Uncategorized

OT vs IT Networks - What's the Difference

OT vs IT Networks – What’s the Difference?

In any mission-critical facility, the definition of “technology” is more complicated than just saying it’s IT. Some components deal with data creation, transmission, monitoring, and storage, and they must work together to facilitate day-to-day work. There are also many mechanisms, such as manufacturing equipment, sensors, IoT, and the systems that are used to manage production …

OT vs IT Networks – What’s the Difference? Read More »

Vulnerability Management Needs a Nuclear Grade Facelift

The other day the White House sent a warning message to organizations: “Patch your system!” The recent hacks on Microsoft Exchange Server even elicited a response from the President. That shows you the seriousness of vulnerability management not just in government systems but in all types of organizations. The recently uncovered hack is only the latest …

Vulnerability Management Needs a Nuclear Grade Facelift Read More »

NEI – Vulnerability Assessment Challenges & Solutions

It was great to see old cyber security colleagues and friends again last week at the NEI Cyber Security Implementation Workshop in Boston. While speaking to the attendees, my colleagues at WizNucleus and I noted that the manpower support necessary to perform required vulnerability assessments is a significant challenge for most of them. For example, …

NEI – Vulnerability Assessment Challenges & Solutions Read More »

WizNucleus Launches WizID™

WizNucleus Launches WizID™ for Continuous Monitoring of Access Using AI- Powered Behavioral Analytics The New Technology, as an add-on to WizNucleus Cyberwiz-Pro™ (CWP), Extends its Current Capabilities and Delivers Realtime Passive Monitoring and Analysis of User Data During All Sessions and Alerts Based on Monitored Profiles and Access Events. West Palm Beach, Fl—WizNucleus, Inc., a …

WizNucleus Launches WizID™ Read More »

Nuclear Blog

Nuclear Cybersecurity Management–Transitioning from Project to Program-Spreadsheets to Database With the Milestone 8 full implementation date here, nuclear power plants (NPP) face a host of new challenges. Among those challenges is how they might go about validating their completed CDA assessments and sustaining their cybersecurity program.  Regardless of their current state, they must ask themselves …

Nuclear Blog Read More »

Milestone 8 is Here or Quickly Approaching

Also, chances are, you did not have the luxury of getting all the cyber assessment workload done internally; you might have engaged outside contractors and consultants (sometimes in large numbers) trying to get ready for Milestone 8.  The Milestone 8 Inspection date is nearing and project budgets are shrinking; you may now have to manage the program with constraints of in-house resources.

Cyber-Wiz-Pro-Wiznucleus

The Growing Need for Cybersecurity Protection in Low-Impact Utilities and the Impending New Compliance

Six times in 2013, Iranian hackers took over the control system for the Bowman Avenue Dam in Rye Brook, New York. When the news broke, reporters became focused on the vulnerability of America’s infrastructure. They missed an important point. The Bowman Avenue Dam isn’t exactly declared as a critical infrastructure at the current moment. It …

The Growing Need for Cybersecurity Protection in Low-Impact Utilities and the Impending New Compliance Read More »

cubes, choice, one-2492010.jpg

NERC CIP v6 Compliance – Three Things to Consider

As NERC CIP v6 got approved by FERC’s Order 822 earlier this year, the burden of meeting compliance requirements and ensuring the protection of BES Cyber Assets is only increasing. The Critical Infrastructure Protection (CIP) standards are designed to provide the minimum requirements that an enterprise will require to prevent faults and cyber-attacks, and ensure …

NERC CIP v6 Compliance – Three Things to Consider Read More »

It’s Time to Operationalize Configuration and Change Management to Improve Security and Sustain the NERC CIP Program

Most Utilities I talk to kept April 1, 2016 as their internal NERC CIP V5 deadline even though they received a reprieve to July. Congratulations are in order for most as internal compliance dates were achieved. What I’m hearing is that they were able to cobble together their cyber assets and attributes in various ways …

It’s Time to Operationalize Configuration and Change Management to Improve Security and Sustain the NERC CIP Program Read More »