Part of Energy & Sustainability Network »

The Energy Collective Group

This group brings together the best thinkers on energy and climate. Join us for smart, insightful posts and conversations about where the energy industry is and where it is going.

Richard Brooks
Co-Founder and Lead Software Engineer Reliable Energy Analytics LLC

About me

Successful developer of Energy Industry B2B and Cyber security standards at North American Energy Standards Board (NAESB) (www.naesb.org) since 1995; ANSI Meritorious Service Award Recipient;...

  • Member since 2018
  • 928 items added with 385,208 views

Status

  • Load Management Expert
  • Digital Utility Expert

Aug 5, 2020 6:00 pm GMT / Aug 5, 2020 6:05 pm GMT

NTIA to Host Proof-of-Concept Summit in Software Transparency Effort

More agencies are starting to ask suppliers for a software bill of materials in building a foundation for better, faster cybersecurity.

Source: www.nextgov.com

Software Bills of Materials are a key factor in determining the trust level of a software object as part of a software supply chain risk assessment. Companies serving in critical infrastructure should never install a software object without knowing "what's inside". Best practices recommend performing a risk assessment before any attempt to install a software object. Never trust software, always verify and report!™

I hope you will join us on 8/12, when Energy Central will be hosting a PowerSession on Software Supply Chain risk assessment best practices.
