Use This NERC CIP v6 Standards Summary to Stay Compliant

Thanks to FERC’s Order 822, the North American Electric Reliability Corporation’s critical infrastructure protection standards, known as NERC CIP, are continually updated. Seven updated standards proposed by NERC for inclusion have now been accepted. April 1st, 2016, was the compliance deadline for the NERC CIP v5 requirements. Most of the ... Read More

Security as a Quality Gate for DevOps

| | containers, DEVOPS, DevSecOps
It’s hardly a controversial statement to say that DevOps is changing the way that organizations build and deploy applications. There’s plenty of material, stories, whitepapers and whole companies that demonstrate this trend. There are, however, a couple of things that make a discussion about security and DevOps important. First, while ... Read More
What Is Integrity Management?

What Is Integrity Management?

If you’ve been in information security for a while, you’ve likely had some experience with file integrity monitoring (FIM). It’s a capability with a long history, going back to the original open-source Tripwire tool for monitoring file hashes. And FIM has staying power. It’s still around, and there are still ... Read More

The Security Implications of Killing Net Neutrality

A first pass look at the issue of net neutrality might not immediately bring to mind concerns around cybersecurity, but we shouldn’t ignore the logical security implications of fundamentally reclassifying the Internet. Let’s level set a little bit, for net neutrality doesn’t appear to be a simple issue for most, ... Read More