Archive for April, 2012

The fallacy of the LIGHTS program

According to LIGHTS (http://www.infosecisland.com/blogview/20649-Shining-LIGHTS-on-ICS-Cybers…), "Large asset owners have vastly complex operations and accordingly stringent requirements. The process of assessing their current security status a…

Secrecy as Contagion

Alex Wellerstein, historian of science and blogger at “Restricted Data: The Nuclear Secrecy Blog,” shares a great quote about the adverse effects of secrecy. In a post about “Cold War Sex, Cold War Secrecy” (in a nutshell: start…

Statement by Press Secretary Matt Chandler on Secretary Napolitano’s Upcoming Visit to New Zealand and Australia

Secretary of Homeland Security Janet Napolitano will travel to Wellington, New Zealand, and Canberra and Brisbane, Australia on May 2-5

Lessons Learned From The Bin Laden Raid

The one year anniversary of the raid that resulted in Osama Bin Laden’s death has brought with it a steady stream of analysis. You have the stories about while what traditionally (if less than a decade can be considered “traditional”…

Readout of Secretary Napolitano’s Remarks at the Anti-Defamation League’s National Leadership Conference

Secretary of Homeland Security Janet Napolitano today delivered remarks at the Anti-Defamation League’s (ADL) National Leadership Conference—underscoring the Department of Homeland Security’s (DHS) partnerships with faith-based communities and or…

ISA Award, IEEE Smart Grid Control System Cyber Security Training, and new book

I have been informed I will be receiving the 2012 ISA Power Industry (POWID) Division Service Award at the June ISA POWID Symposium. ISA POWID is the international standards organization for power plant instrumentation and control systems.

ICS-CERT has released an Updated ALERT ‘ICS-ALERT-12-116-01A – (UPDATE) RuggedCom Weak Cryptography for Password Vulnerability’ (PDF)

This updated ALERT contains a new notification from RuggedCom as well as their notice of intent to release a patch within the next month.

Cybersecurity: A gale is brewing in the rocky waters of unknowing

From Jason and the Argonauts (1963) Late Thursday afternoon the Cyber Intelligence Sharing and Protection Act (CISPA) was passed by the House on a bipartisan vote of 248-168.  Forty-two Democrats voted for the bill and 28 Republicans voted against it…

Shared cybersecurity sensibilities squandered in the scuffle

One side compromised with the other, alleged deals were done, criticisms were leveled, a possible veto was signaled (threatened would be too strong in this case),  alleged deals unraveled, unprincipled behavior was alleged.  Further compromise was pr…