The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

WARNING: SIGN-IN

You need to be a member of Energy Central to access some features and content. Please or register to continue.

Post

Q&A with Richard Brooks after his Energy Central PowerSession: Cybersecurity on the U.S. Power Grid: Software Supply Chain Risks and Mitigations for NERC CIP-010-3

image credit: Approved to use

Earlier this month, Energy Central hosted a PowerSession with Community Expert Richard Brooks to cover the recent developments in the world of grid cybersecurity, dig into NERC CIP-010-3 updates and debates, and discuss what stakeholders across the grid should be focusing on when it comes to the security of software.

This PowerSession was a very lively dialogue between Richard and the hundreds of active participants who joined live, giving rise to many nuanced and thought-provoking questions. While the live presentation was restricted to a one hour time limit (which you can watch on demand as a replay here if you missed it the first time), the Energy Central Community and PowerSession audience came through with enough questions that could have readily filled up twice that time slot!

Understandably, Richard was unable to answer all these questions live during the PowerSession, but we made sure to follow up with him to get his take on the questions that we didn’t have time for, allowing for the great conversation to continue after the PowerSession was completed.

You can read some of the key Q&A that had to be taken offline outside of the PowerSession in the links below. If you’re curious about any of these questions, be sure to click through to the links to read Richard’s answers, and while you’re there feel free to ask any follow-up questions or even provide your own response to the original question. Energy Central is all about conversation, so let’s keep it going on this hot topic!

Matt Chester

Community Manager

PS: Because of that overwhelming response, Energy Central will be hosting Richard Brooks at 4 PM Eastern on Thursday August 27 for another hour to discuss these critical topics. This time it will all be about your questions and your thoughts - a true dialogue. Pop in at any point during this hour that’s convenient for you and you’ll be able to chat live with Richard, share your thoughts, ask more detailed questions, and really engage with our esteemed guest on the topic. Think of it as a combination of an informal afternoon happy hour and open office hours with your favorite cybersecurity expert. Join when you’re free, stay as long as you can to get your questions answered or listen to the conversation from others, and leave when you must.

 

See the Answers to These Questions from the PowerSession

What is the best way to verify software integrity and validation other than file hashing when applying patches to BES Cyber assets?

What role will blockchain / self-sovereign identity play in the future of utility security?

How can you map NIST NVA systems/components to NERC levels, and how can you relate NIST risk to risk of the BES?

Is penetration testing the best way of monitoring and checking how safe and secure your system is?

Are file hashes of files from a vendor a viable option for an additional security measure?

Do you have any thoughts on how to verify the validity of a relay's firmware prior to installing it outside of taking the software's word for it?

Discussions

Spell checking: Press the CTRL or COMMAND key then click on the underlined misspelled word.

No discussions yet. Start a discussion below.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »