After a relatively grim Day One of DHS’s Industrial Control Systems Joint Working Group Spring Meeting in San Antonio, I’m happy to report that Day Two was dramatically better with quite a few interesting presentations.
There were three concurrent tracks with 45-minute presentations throughout the day. In addition to the Bandolier panel, the highlight for me [...]

Here are a few more thoughts and observations from ICSJWG…

We taught our Using and Customizing SCADA Security Tools course on the Monday prior to ICSJWG. Seeing the students in the class use and customize Bandolier was exciting and, for me, helped set the tone for the next couple of days. Dale already covered some other [...]

Clint Kreitner from the Center for Internet Security [CIS] organized a case study panel at ICSJWG. It told the story of the Bandolier project.

beginning with Clint introducing industry consensus security configuration recommendations for IT components such as the OS, web server and database
Digital Bond’s working with a vendor to insure the consensus guidelines don’t affect [...]

Today was Day One of the spring meeting of DHS’s Industrial Control System Joint Working Group [ICSJWG]. Here are some highlights and comments:
There were just over 200 people at the event, official number or registrants was 267. Just like PCSF before it, ICSJWG is often worth attending just for the opportunity to talk with so [...]

I’m in San Antonio at DHS’s ICSJWG, and I’ll be tweeting on the event the next two days, @digitalbond. Jason and Daniel are here as well along with others who will be tweeting. See #ICSJWG for all the tweets.

We do a lot more work in the generation and transmission side of the electric sector so Distributech is always a welcome show to learn more about the distribution side. And of course this year Smart Grid dominated the show.

One very clear positive result from the NERC CIP standards is substation communications gateway equipment [...]

The Digital Bond team will be at some events over the next four weeks.
Marco and I will be at Distributech in Tampa from March 23 – 25. We will be in the Department of Energy booth talking about our DoE funded Bandolier and Portaledge projects. Stop by and you can see a Bandolier demo and [...]

A reader sent me a link and some additional info on the next US edition of the SANS SCADA Security Summit, March 29 – 30th in Orlando. I’m scratching my head trying to figure this out.
- Why would the Summit be scheduled the week before ICSJWG in San Antonio? [not to mention the week after [...]

The meetings this morning are more subgroup sessions. First up is the International Subgroup, whose purpose is to “address the growing need for international collaboration to effectively manage cyber risk both domestically and abroad”. Sean McGurk and Mike Assante are making opening remarks and then opening the floor for discussion. One of McGurk’s comments was [...]

Day 2 keynote is from Roy Akerman of Israel’s National Information and Security Authority. The presentation was titled Israeli Legal Basis for Information Security Regulation. It was an interesting look at the history of Israel’s information security regulation over the past decade. Their legislation actually names the entities that are subject to the laws. [...]