Whitepapers
Securing a Smarter Grid: Risk Management in Power Utility Networks



Authored by
Matthew E. Luallen, Co-Founder, Encari

Advisors
Paul A. Henry, Certified SANS Instructor, industry veteran and published co-author of books on network security and SCADA; and
Gary J. Finco, Senior Advisory Engineer, Idaho National Laboratory

Electricity provides the foundation on which all of society stands. It has come a long way from the early days, when Thomas Edison and George Westinghouse competed to gain support for their respective DC and AC technologies. Today’s power grids circle the world, providing AC electricity to billions of people. And now these grids themselves are getting smarter, thanks to modern-day technologies supporting what were once decentralized pneumatic manual controls.

Transmissions over these networks involve human operators coupled with advanced computing systems to achieve an intricate balance between the production and consumption of electrons. Fuels such as wind, solar, coal, natural gas, hydro, and nuclear generate electrons that are transmitted long distances and distributed to residential, business, military/government, educational and every other operational community in a civilized society. These electrons provide power to heat, air conditioning, lights, televisions, refrigerators, and even the heart pumps attached to our dearest loved ones.

Each stage of this energy transmission cycle typically includes more than one automated control, or cyber asset. These cyber assets undeniably enhance the safety and reliability of the grid network. The problem is, as the grid gets smarter, the propensity for successful cyber intrusion and disablement dramatically increases. These networks are no longer proprietary. They run on commercially available hardware, operating systems, applications, code, and protocols the bad guys have been exploiting ever since the 1980s.

Consider, as well, the interconnectedness of these transmission networks. In order to buy, sell and transfer various forms of power, these networks must intrinsically connect along supply and distribution routes. For example, energy purchased by the Independent System Operator in Folsom, Calif., might actually come from an Idaho power company that’s selling off excess energy at a discount. This means that security considerations do not end where the specific control network does: They continue on through partner connections. In all verticals, partner connections made up 32 percent of breaches investigated, according to the 2009 Verizon Business Breach Report.

This paper will address the security issues facing smarter grid operators and will provide policy advice points.

Malicious Software Prevention for NERC CIP-007 Compliance



Authored by
Matthew E. Luallen, Co-Founder, Encari
Paul J. Feldman, Chairman of the Midwest ISO, Independent Director of Western Electricity Reliability Council (WECC)

This paper discusses why application whitelisting may serve as a compensating control for NERC CIP-007, R3 (security patching) and as a solution for CIP-007, R4 (anti-malware). Application whitelisting also stops all unknown applications from executing; therefore, depending upon installation options, the same application whitelisting implementation may simultaneously aid utilities in meeting NERC CIP-003, R6 (change control and configuration management).

Critical Infrastructure Protection Recommendations



Authored by
Matthew E. Luallen, Co-Founder, Encari

During the RSA Panel entitled "Securing Critical Networks: Infrastructure Exposed" on April 23, 2009, Matt Luallen mentioned specific recommendations to protect our critical infrastructure and the need to further elaborate upon this message. This whitepaper serves as the vehicle for this elaboration. Critical infrastructure protection requires unparalleled expertise in the fundamentals of cyber security, physical security and the CI/KR operational requirements. This is expertise that typically affords professionals the ability to delineate between what they know and what they do not know and, more importantly, the confidence to express to their peers a level of ignorance.
