Industrial Cyber Security
Matt Luallen and Steve Hamburg are managing partners of Encari, a critical infrastructure information security consulting company. Together, they bridge the gap between information technology (IT) and plant security to help process control (DCS/SCADA) systems engineers be aware of system vulnerabilities and have processes in place to respond. Matt Luallen, who started out in network engineering at Argonne National Laboratory, is a cyber security author, consultant, researcher and trainer for critical infrastructure and SCADA/DCS process control systems. Steve Hamburg is a licensed professional civil / structural engineer who ultimately transitioned his career to cyber security consulting ten years ago. Steve is also a published author, public speaker and instructor.
www.encari.com
Join Encari for its complimentary Webinar: "Role-Based Training Under CIP-004, R2 – An Alternative to 'One-Size-Fits- All' Training"
Role-Based Training Under CIP-004, R2 – An Alternative to “One-Size-Fits- All” Training Join Encari (i.e., click here) at its webinar on Thursday, February 25th, 2010. Join Encari for another complimentary and informative webinar. Based on concepts described in NIST Special Publication 800-16 Revision 1 (Draft), “Information Security Training Requirements: A Role and Pe ...... Read More
Comments (0)Invaluable Resources Freely Available from the US Department of Homeland Security
While not all resources provided by the US Department of Homeland Security (USDHS) that are referenced in this blog are directly related to industrial cyber security, the resources are invaluable. Some of the resources you may subscribe to receive via email address critical infrastructure and the broader conterterrorism concern, and preparedness, response and recovery. We strongly enco ...... Read More
Comments (0)Join ENCARI for its Complimentary NERC CIP-004, R1 Security Awareness Webinar: "Eight Security Habits of Highly Effective End-Users"
Join Encari on Tuesday, January 26th, 2010 for its complimentary NERC CIP-004, R1 security awareness Webinar “Eight Security Habits of Highly Effective End-Users”. Encari will guide attendees through the following eight sound security habits for end-users: 1. Good physical security habits 2. Personal firewall, anti virus, patching 3. Choosing and protecting passwords 4. Using caution ...... Read More
Comments (2)RISI - The Repository of Security Incidents
RISI, the Repository of Industrial Security Incidents, is a database of cyber security incidents that have or could have affected process control, industrial automation or Supervisory Control and Data Acquisition (SCADA) systems. RISI’s primary objective is to collect, investigate, analyze, and share important industrial security incidents among its members to enable them to lea ...... Read More
Comments (0)Join Encari for its complimentary "CIP-005 and CIP-007: Logging, Monitoring and Alerting, Oh My!" Webinar on Tuesday, December 15th
Join us for a Webinar on Tuesday, December 15th. Register for the Webinar at: https://www2.gotomeeting.com/register/644602627. Is your organization working to comply with the logging, monitoring and alerting requirements set forth in CIP-005-2, Electronic Security Perimeter(s) and CIP-007-2, Systems Security Management? Individuals engaged in such efforts know that the devil is in the (log) detail ...... Read More
Comments (0)Join Encari for Another Complimentary Webinar on Tuesday, November 24th, 2009
The Technical Feasibility Exception Challenge Register for this webinar at: https://www2.gotomeeting.com/register/909227819. If you have been racing to comply with the NERC CIP Reliability Standards this year, you have probably come to realize that filing Technical Feasibility Exceptions (TFEs) is a big part of the job. This is especially true since NERC approved the final TFE rules and set ...... Read More
Comments (0)Encari Co-Founder Mid-West ISO Chairman to Deliver Webinar Addressing Their "Malicious Software Prevention for NERC CIP-007 Compliance: Protective Controls for Operating Systems and Supporting Applications" White Paper
November 3rd at 2:00 p.m. EDT / 1:00 p.m. CDT / noon MDT / 11:00 a.m. PDT Join Matt Luallen, Co-Founder of Encari, and Paul Feldman, Chairman of the Mid-West ISO, for an interactive and complimentary Webinar addressing the key points of their thought-provoking white paper entitled, “Malicious Software Prevention for NERC CIP-007 Compliance: Protective Controls for Operating Systems and Supp ...... Read More
Comments (0)Encari Co-Founder to Present in Webinar While at the SANS 2009 European Community SCADA and Process Control Summit
Encari Co-Founder, Matt Luallen, will be co-presenting with NitroSecurity in a Webinar while at the 2009 European Community SCADA and Process Control Summit. Analyst Webcast: Protecting a Smarter Grid: Power Utility Security WHEN: Tuesday, October 27, 2009 at 1:00 PM EDT (1700 UTC/GMT)https://www.sans.org/webcasts/protectingsmarter-grid–power-utility-security-92823 Sponsored By: NitroSecuri ...... Read More
Comments (0)Complimentary NERC CIP-004-1, R1 Security Awareness Webinar: Physical Security
Join Encari for its Webinar on Friday, October 23rd Register for this Webinar at:https://www2.gotomeeting.com/register/287861282 Encari’s physical security awareness Webinar will address reasons why physical security is a key component of critical infrastructure protection. Attendees will learn about basic concepts and controls that help safeguard personnel and prevent unauthorized access ...... Read More
Comments (0)Video Interview of Former Assistant Secretary for Cyber Security Discussing Smart Grid Risks
Provided via the URL below is a video interview of Greg Garcia, the nation’s first Assistant Secretary for Cyber Security and Communications with the U.S. Department of Homeland Security, 2006-2008, discussing the risks of smart grid technologies to the U.S. Critical Infrastructure. We thought we should share this via our blog since this interview involves a former DHS Cyber Sec ...... Read More
Comments (1)CSSP Offers Advanced Cyber Security Training in December 2009
Several of our consultants have attended this training; it is phenomenal. We understand travel budgets are tight, but if there were that one travel expense you should strongly consider approving, this is the one. – Document URL: http://www.infracritical.com/papers/ics-advance-training-invite-dec2009.pdf The Industrial Control Systems Joint Working Group Program Office would like to in ...... Read More
Comments (0)How is sustaining security like keeping your home clean?
We (i.e., Encari) are currently immersed in helping NERC-registered entities (e.g., generation and transmission companies) address their respective NERC CIP Reliability Standards compliance concerns. Specifically as it relates to NERC-registered Table 1 entities (e.g., transmission providers), these entities were required to become compliant with all 45 NERC CIP Reliability Standards require ...... Read More
Comments (0)
