Reversing the Drift into Failure

In his January 2016 Cryptogram newsletter, Bruce Schneier reprinted an essay on “normalization of deviance”: the process of divergence from defined policies and procedures into increasingly risky practices. Explored in detail by Dr. Diane Vaughan, as well as by other researchers and practitioners seeking to explain catastrophic failure events, it bears great relevance on cyber […]

Christmas Blackout in the Ukraine

In March 2015, at our SPARKS Stakeholder workshop, the SPARKS team demonstrated how attackers could use a combination of social engineering and custom malware to disrupt energy generation and distribution. Coordinated across three different geographical locations, the attack began with a phishing email to an administrator, continued with lateral movement from that administrative environment into […]

Risky Root Causes

I spoke recently at a workshop organized by the Alan Turing Institute in London to identify areas related to cyber security in which major research is needed. Though I focused on security analytics, I also talked about the need to develop more effective models for understanding and managing risk, citing the work that we are […]

Avoiding the Innovator’s Dilemma in Smart Grid Security

The final keynote at RSA Conference Abu Dhabi 2015 was given by Richard Clarke, always an interesting and challenging speaker. As I listened to his discussion of responding to cyber threats, however, I was struck by his strong emphasis on preventative measures and the relatively little discussion of the essential role of ongoing visibility and […]

Smart Grid Security Innovation

As we call out on the SPARKS overview webpage, our project aims to provide innovative solutions to ensure the cybersecurity and resilience of smart grids. Those innovations include technological advancements, particularly through our four mini-projects: 1) intrusion detection systems for SCADA, 2) cyberattack-resilient control systems, 3) security analytics for Smart Grid, and 4) use of […]

Cascading Risk: The Lloyds “Business Blackout” Report

In early July, Lloyds published “Business Blackout: The insurance implications of a cyber attack on the US power grid”, a study of the financial impact of a hypothetical electric grid failure scenario in the US. Developed jointly with the University of Cambridge Center for Risk Studies, it is a very important report not only for […]

Social Engineering Attacks and the Smart Grid

I spoke recently at a meeting of the Dublin, Ireland chapter of ISACA about the continued (and increasing) use of social engineering in cyberattacks discussed in several recent reports, including the joint report by ISACA and RSA that documents the results of a survey of cybersecurity professionals, conducted in the first quarter of 2015. Those […]

Microgrids and Smart Grid Resilience

Photo by Rob Ward (Landis+Gyr): SPARKS Advisory Board and Project Team meetings, January 2015.

The SPARKS project team held a 3-day meeting recently, including both a 1-day workshop with the project’s advisory board and a 2-day workshop on our near-term deliverables. I spent much of my time working on the evaluation of various reference architectures, methodologies and models for […]

Steel Mills and the Security of Critical Infrastructure

In late December, the German government issued a report about a cyber attack on a steel mill that resulted in significant damage to that facility. The attack has received extensive publicity since then, from the BBC to YouTube, including a detailed analysis of the attack by SANS. Many of these reports, call such as the […]
