The Energy Collective Group
This group brings together the best thinkers on energy and climate. Join us for smart, insightful posts and conversations about where the energy industry is and where it is going.
Shared Link
The 7th Annual BSides Connecticut Conference November 13th and 14th 2020
Best Practices for Software Supply Chain Risk Assessments Richard Brooks
Software supply chain risk, especially the risk of foreign influence, has received high visibility in the Energy industry. Software objects should never be installed, without performing a comprehensive risk assessment to determine the trustworthiness of a software object to perform its function without increasing or introducing cyber risks. This session describes best practices using a seven step software supply chain risk assessment based on the NIST Cybersecurity Framework V1.1 to protect the bulk electric system from cyber risks inherent in software used for command and control.
This session also includes a brief introduction to the OWASP CycloneDX SBOM standard using materials provided by Steve Springett.
The 7th Annual BSides Connecticut Conference November 13th and 14th 2020
On November 13th and 14th, BSidesCT is hosting its 7th annual community-driven information security conference in a high-resolution, creative, COVID-safe virtual environment. This year our event includes presentations by information security experts, our thoughtfully crafted capture the flag learning contest, interactive workshops, and a complete online platform allowing attendees to collaborate over text-based chat and video conferencing. Your organization is invited and can help us make this possible. Please email info@bsidesct.org for additional information regarding sponsorship opportunities.
- Gas-Electric Harmonization Initiative in NAESB is on track to succeed
- FERC commissioners pursue market, non-market answers to ISO-NE’s ‘dire’ winter reliability risks
- Utilities That Lack a Data Analytic Platform are Driving Blind and at Risk
- OMB Memo Identifies Best Practices for Software Supply Chain Protections
Discussions
No discussions yet. Start a discussion below.
Get Published - Build a Following
The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.
If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.
Your access to Member Features is limited.
Sign in to Participate