Clik here to view.
2012 NCSAM Tip #22
In the game of staying ahead of cyber security threats there is no substitute for knowing the vulnerability state of your environment. There are many tools available that can help security...
View ArticleClik here to view.
2012 NCSAM Tip #23
As has been mentioned in several NESCO NCSAM tips, knowing the business is an important aspect of being able to apply appropriate security solutions to a control system environment. We have suggested...
View ArticleClik here to view.
2012 NCSAM Tip #24
In the event of a cybersecurity incident, taking forensic-minded handling precautions are essential. As documented by Department of Homeland Security (DHS)’s National Cyber Security Division Control...
View ArticleClik here to view.
2012 NCSAM Tip #25
Although one might argue that passwords are no longer adequate, industrial control system environments still rely on them as part of an overall defense-in-depth security practice. Be sure to...
View ArticleClik here to view.
2012 NCSAM Tip #26
Database security is often a forgotten task. Many systems in the electric sector provide a means for an organization to utilize a variety of database platforms. Regardless if it is Oracle, MS-SQL,...
View ArticleClik here to view.
2012 NCSAM Tip #27
Most security practitioners have heard the phrase, “security by obscurity” at least a few times in their career. Perhaps, even ad nauseam. The phrase essentially means that a perception of security...
View ArticleClik here to view.
2012 NCSAM Tip #28
Executive buy-in is essential in building a strong security program. We often hear the mantra about the “tone from the top”. But how does one go about obtaining the executive sponsorship that is so...
View ArticleClik here to view.
2012 NCSAM Tip #29
Ensure published case studies, regulatory filings, conference materials, websites, blogs and other public information sources do not include sensitive information about your critical infrastructures....
View ArticleClik here to view.
2012 NCSAM Tip #30
Take time to draft security policies that make business sense. Pay particular attention to each security policy statement focusing on how the policy would work within the environment it is intended to...
View ArticleClik here to view.
2012 NCSAM Tip #31
Hardening the operating system is a common practice that should be addressed; however, do not forget to harden the hardware as well. Consider using strong bios passwords, removing or disabling all...
View Article
