This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--1457021584-997971836-1231223018=:28293
Content-Type: TEXT/PLAIN; CHARSET=UTF-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Content-ID:  

http://www.controleng.com/article/CA6625494.html 

By Peter Welander
Control Engineering
1/5/2009

While cyber security issues have been lurking in the background for some 
time now, 2009 will be the year they step into the light and probably 
your plant. Here=E2=80=99s why.

First and foremost, the NERC CIP (National Electric Reliability 
Corporation Critical Infrastructure Protection) regulations are coming 
into effect now. This may only affect power plants and larger utilities 
for the time being, but what happens through this implementation could 
hit you sooner than later.

This program has specific things that electrical producers must do to 
ensure the security of their systems and infrastructure, and this will 
likely serve as a model for other industries. The definition of 
=E2=80=9Ccritical=E2=80=9D will likely grow in scope as time goes on. Even if suspending 
the output of your plant will not cause the greater economy to grind to 
a halt, you might have things on your site that shouldn=E2=80=99t be released 
into the atmosphere, dumped into local waterways, set on fire, or 
detonated. Keeping those things from happening is critical.

Second, NIST (National Institute of Standards and Technology) will 
likely transition its NIST SP 800-82, DRAFT Guide to Industrial Control 
Systems (ICS) Security to an official release sometime in 2009. The 
comment period on the third and final draft closed on November 30, 2008. 
Unlike the NERC regulations, this is only a guide. However, it is 
already having a significant influence on security directions for 
industries that rely on industrial control systems, i.e., everyone. 
Publishing guides and standards is a crowded field, and there is no 
shortage of cyber security guides from a variety of organizations. This 
NIST guide is showing potential of emerging as the definitive work that 
can help tie together many of these standards written for specific 
industry verticals.

[...]


--1457021584-997971836-1231223018=:28293
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________      
Please help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html 

--1457021584-997971836-1231223018=:28293--