Blog

Last week, we looked at the second of three oil and gas deep dives when we examined the role that operational technology and information technology play within this sector.

Specifically, we addressed the challenges in protecting IP in oil and gas since accessibility of data is such a crucial element within this industry. IP provides the competitive advantage that sets each company apart from others in a highly integrated industry. It also helps oil and gas companies better understand the current environment to deliver better future results.

The challenge with IP in the oil and gas sector is determining how to best keep the IP safe, yet accessible to those that need it. Industrial Defender and Lockheed Martin, its parent company, have approached this challenge by successfully combining the IT and OT landscapes. The result is a robust solution towards IT and OT security that includes people (e.g. training), the processes (e.g. policy and procedures) and the technology to address modern security challenges.

Read more

On May 29, 2009, the President of the United States gave a speech on securing our nation's cyber infrastructure. Despite the fact that we were in the height the great recession at the time, the importance for cyber security prompted immediate attention and awareness by the Executive office. 

When recounting, then recent attacks that led to the need to address cyber security, President Obama remarked, “In one brazen act last year, thieves used stolen credit card information to steal millions of dollars from 130 ATM machines in 49 cities around the world -- and they did it in just 30 minutes. A single employee of an American company was convicted of stealing intellectual property reportedly worth $400 million. It's been estimated that last year alone cyber criminals stole intellectual property from businesses worldwide worth up to $1 trillion.”

Read more

Cyber security leaders discuss intelligent defense at API conference

Of course anyone with the expertise and courage to pursue a career securing the oil industry is intelligent, but intelligence became the theme of the 9th annual American Petroleum Institute (API) Cybersecurity Conference in Houston last week.  Whether upstream, midstream or downstream, oil & gas companies heard from experts that a new era in cybersecurity is here. Perimeter defenses and firewalls no longer provide protection from APTs and the range of adversaries who target their companies’ most valuable assets and operations.

Read more

Release of ASM 6.0 was a significant milestone for Lockheed Martin and the Industrial Defender ASM solution stack. In a little more than two years from its first release ASM has captured the mindshare of the OT market. With ASM 6.0 we’ve introduced new applications and several key improvements to existing applications. After a successful controlled introduction process we are to happy to announce the general availablity to the market.

Industrial Defender solutions will be the standard across our entire fleet." – Leading US Utility

Read more

Primary objectives of hydroelectric control systems operators include ensuring operational stability and simplifying the task of meeting federal security and compliance requirements.

What's standing in their way? We've compiled a list of 10 major concerns facing operators in assuring the operational stability of all water management assets, as well as compliance with Federal Energy Regulatory Commission and NERC standards. These challenges can be broadly grouped into three major areas:

  • Business Practices
  • Infrastructure Management
  • Policy Considerations

Read more

Understanding the art and science of securing your environment

Cybersecurity is a gigantic topic. It’s more than just technology. It’s a careful mixture between art and science. Understanding the mechanics behind protecting, identifying and thwarting attacks, although crucial to the science of cybersecurity, represents only one side of the coin. Knowing your enemy, understanding the sociopolitical nuances of your environment, and predicting where you’re most likely to get attacked, that’s art.

Read more

Defining Cyber Concerns at 2014 ICS Cyber Security Conference

Joe Weiss has been beating the ICS Cyber Security drum for the past 12 years. Once again he summoned global critical infrastructure control systems engineers and asset owners working in operations management or in IT to join him for an annual conference. During the opening keynote Weiss articulated three challenges to achieving ICS cyber security in the context of collaborating with enterprise IT professionals.

Read more

We are wrapping up October, which is National Cyber Security Awareness Month, so today I want to share the ways citizens can help to support and build greater cyber resiliency.  

The purpose of National Cyber Security Awareness Month is to engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cyber security.  According to the Department of Homeland Security, Cyber Awareness Month aims to increase the resiliency of the nation in the event of a cyber incident.

The role of citizens is growing by leaps and bounds as it relates to thwarting and potentially curbing cyber attacks. In my mind, this role can be bolstered by the following three actions:

Read more

Fact: Being compliant is not being secure and being secure is not being compliant. Can electric utilities blend compliance and security objectives to leverage the same tools, people and time?

Compliance keeps you compliant. Security keeps you safe.”

Mark Weatherford of the Chertoff Group was very emphatic on this point in this month’s EnergyCentral webcast saying, “Compliance is not security. We should all have that tattooed somewhere on our body.”

Read more

This month marks the 10th anniversary of National Cyber Security Month in the U.S. and DHS.gov is dedicating the third week of the month to awareness on the topic of cyber security as it relates to critical infrastructure and the internet of things. This month is a great opportunity to raise awareness on the importance of cyber security with your customers, your employees and your boards. 

Read more