Certrec Sentinel v2.1 - Maroon

Executive View

Texas RE’s Director Lists APTs as One of the Top Cybersecurity Threats

Kenath Carver

Director, Cybersecurity Outreach, Texas RE

About:
Mr. Carver is Director of Cybersecurity Outreach and CIP Compliance at Texas RE. He joined Texas Reliability Entity, Inc. (Texas RE), in February 2012, and has more than 15 years of Information Technology experience.
 

Below is an excerpt of Certrec Sentinel’s recent interview with Mr. Carver.
To read the full interview, click here.

Certrec Sentinel Question: You’ve been in this industry for more than a decade. What, in your opinion, are the hottest cybersecurity threats at the present time?

Answer: Advanced Persistent Threats (APTs) are at the top of my list. APTs continue to evolve and exploit vulnerabilities with increased sophistication. Past and current vulnerabilities continue to be leveraged by APTs to try to achieve objectives. Examples of the most recent vulnerabilities include “PIPEDREAM,” “Log4j”, various ransomware, and the “SolarWinds Orion Code Compromise.” Fortunately, the NERC CIP Standards offer a baseline of cyber and physical security controls that promote the reduction of risk associated with these threats and vulnerabilities. For example, network security, security patching, malicious code prevention, security event monitoring, and supply chain risk management controls can all be found in various CIP Standards. Today, we are all in a “Shields Up” status because of Russia’s invasion of Ukraine, so it is important that organizations and entities continue to work towards strengthening their cyber and physical security posture.

Certrec Sentinel Question: Please provide a tip to aspiring professionals in the field of CIP compliance.

Answer: Let us start by removing one myth: you do not have to have a decade of experience to make a difference in this profession. This industry needs more individuals to help meet the demand and challenges associated with the reliability and security of our Critical Infrastructure. For aspiring professionals in the field of CIP compliance, do not forget the basics. I leave you with this final thought—we must continue to focus on more diverse candidate pools to help promote innovation and new ways of thinking to foster solutions to the unique opportunities facing the grid. Remember that our differences as individuals make us stronger as a team.

Expert View

Find out How the Recent Update to NERC CIP-013-2 Affects You

Kirk Heacock, CIP Compliance Analyst,
Certrec

Kirk Heacock

CIP Analyst at Certrec

“Ensure your vendor is implementing cybersecurity best practices when it comes to their products such as the use of software vulnerability code checking applications. Also remember that cybersecurity incidents of this nature should always be reported quickly using the entity’s Incident Response Plan(s), as required by CIP-003 and CIP-008. In these days and times, it is more important than ever to be familiar with your Incident Response Plans. Not only will this be very useful to the entity at the time of the incident, it also helps ensure information regarding a cybersecurity event will be widely disseminated.”

Read more.

Dave's Compliance Capers

NERC Audit Preparations

Certrec Comic v3-min

Participate in
Certrec Market Research Polls

October Poll Results

Solar was the most voted answer in this poll; however, research shows that hydro is actually the cheapest renewable energy source. On average, hydroelectricity costs $0.05 per kWh. This is in comparison to solar, which costs about $0.10 per kWh. Interestingly, in some areas, wind can be the cheapest at $0.04 per kWh, though this is inconsistent, as it can cost $0.06 per kWh in other areas.

Participate in Our November Market Research Polls

October Poll Results
See the Results in Next Month's Newsletter
  • Do smart grid efforts pose an increased threat to cybersecurity?
    Participate here.
  • How much does energy generation decrease in solar panels during winter?
    Participate here.
  • Should power plants be doing more to prevent security threats from hostile nations?
    Participate here.

October Industry Updates

Department of Energy Lists Distributed Resources
Department of Energy Lists Distributed Resources, such as Solar and Batteries, as a Growing Pathway for Cyberattacks

Distributed energy resources, or DERs, “pose emerging cybersecurity challenges to the electric grid” and they should be designed with security as a “core…
Read more

Department of Energy Increases Funding to Study Domestic Production
Department of Energy Increases Funding to Study Domestic Production for Critical Minerals for Solar Panels

The U.S. Department of Energy has issued a Notice of Intent to fund a $32 million Bipartisan Infrastructure Law program supporting front-end engineering design studies to produce rare earth elements…
Read more

EE North America Set to Develop 10 Gigawatts Renewable Energy
EE North America Set to Develop 10 Gigawatts Renewable Energy in the U.S. by 2026

EE North America recently opened a new office in Austin, Texas, to support its U.S. development pipeline. The company has purchased over 7,000 acres of land to develop its first U.S. Solar projects…
Read more

Certrec News

8- Certrec’s New Alliance with Fischer Block will Assist Power Plants with Evidence Collection for NERC Audits and Keep the Grid Operational - Featured Image - Certrec
Fischer Block Alliance: Creating a Safer and More Reliable Grid

New Alliance — Certrec is pleased to announce its alliance with Fischer Block. Recently, power plants have increased their digitization efforts to create a more reliable grid. Fischer Block’s new SMART block devices further those effort by alerting power plants to operational…

Read more

North American Generator Forum
North American Generator Forum: A Blowout Success

Educating the Industry — Certrec sponsored and attended the North American Generator Forum: GENerating Reliability and Resiliency 2022 – Compliance Conference and Annual Meeting. Certrec’s Head of Strategic Marketing and Alliances, Fas Mosleh, presented on…
Read more

13- Certrec Assists Abilene Christian University with Molten Salt Research Reactor Construction Permit Application - Press Release - Featured Image- Certrec
Certrec Assists Abilene Christian University with Molten Salt Research Reactor Construction Permit Application

Customer Achievement — Certrec Assists Abilene Christian University with Molten Salt Research Reactor Construction Permit Application…
Read more

Gain Immediate Access to Certrec’s CORE
Gain Immediate Access to Certrec’s NERC Consultants with a Credit Card

An Industry First — Certrec proudly offers Certrec On-Demand Expertise (CORE) Support hours. With CORE , you can now pay online in advance via credit card. Simply select a fixed number of hours, for immediate on-demand assistance from experienced CORE consultants…
Read more

Upcoming Industry Events

  • Southeast Renewable Energy
    Nov. 30-Dec. 2 — Charlotte, NC, at the Omni Charlotte Hotel
    Read More
  • 2022 NHA Southeast Regional Meeting
    Dec. 5-6 — Chattanooga, TN, at the Marriott Downtown Chattanooga
    Read More

Meet Certrec at these Events

  • 2023 Midwest Energy Solutions Conference
    Jan. 31-Feb. 2 — Chicago, IL, at the Chicago Marriott Downtown Magnificent Mile
    Read More
  • Distributech 2023
    Feb. 4-7 — San Diego, CA, at the San Diego Convention Center
    Read More
  • PowerGen 2023
    Feb. 21-23 — Orlando, FL, at the Orange County Convention Center
    Read More

Gain Instant Access

Certrec's Regulatory Expertise with a Credit Card

CCJW10

Newsletter Subscribers Can Use this Code to Save 10% on all Certrec CORE Packages

Don’t know what works for you? Arrange an introductory call for regulatory compliance today.
Click the button below (or call me, John, at 214-552-9589).

Subscribe to the Certrec Sentinel Newsletter here.