Author Archives Chris Humphreys

DOE Report Validates Holistic Approach to Grid Cybersecurity

The DOE’ s Quadrennial Energy Review Report was released on Friday with some very obvious nods to the combating and recovery from emerging cyber threat across multiple critical infrastructure verticals including- Oil & Gas, Hospitals, and residential power delivery. What I found the most telli...

 / No Comments  / in General

NERC CIP Requirements Inadequate To Detect Russian Spear Fishing

According to multiple media reports, the malware associated with Grizzly Steppe was discovered on a Burlington Electric laptop that was “not connected to the organization’s grid systems.” These reports were based on this DHS/FBI Joint Analysis Report (JAR) from Dec 29, 2016.  Grizzly Steppe i...

 / No Comments  / in General

The Anfield Group Joins the Power Generation Services Family

          AUSTIN, TX (Oct. 6) The Anfield Group (TAG), one of the nation’s leading providers of cybersecurity compliance and advisory services for the bulk electric industry, has joined GridForce Energy Management and Power Analytics as a subsidiary under Power Generation Services (PoGens). S...

 / No Comments  / in General

Standards Dog Chases Tail While Reliability/Security Rabbit Races Ahead

With the news of FERC ordering a Supply Chain Management Standard to be enforced upon NERC-Registered Entities, I wanted to offer up a few thoughts: Better Late Than Never While there have been several use-cases in recent years for the need of expanding awareness around supply chain management vulne...

 / No Comments  / in General

Predictions and Advice on NERC CIP V5/V6 Compliance

With the NERC CIP V5/V6 compliance deadline only four days away, I’m sure everyone is 100% ready and got everything figured out with no worries- right? While some of you I’m sure are still scrambling, I thought I’d offer up a few predictions and advice based on my previous experience with Vers...

 / No Comments  / in General

A Holistic Approach to Grid Security

Anyone who has ever attended one of our events or heard a presentation by The Anfield Group knows how passionate we are about taking a holistic approach to grid security. We’ve told you over and over that “being compliant doesn’t mean you’re secure” and “unless yo...

 / No Comments  / in General

FERC Changes CIP V5 Implementation Date

FERC CHANGES CIP V5 IMPLEMENTATION DATE TO JULY 1 AUSTIN, TX (February 25) – This afternoon, the Federal Energy Regulatory Commission (FERC) approved a request from trade associations to move the date for implementing the critical infrastructure protection (CIP) version 5 Reliability Standards...

 / No Comments  / in General, Press Release

TAG Blog: NIST is Here. Are You Ready?

By now, most of you are familiar with our commitment to providing our clients with “compliance as a by-product of security and best practices.” We didn’t come up with this approach to be different. We adopted it because our vast experience with NERC audits clearly showed this game ...

 / No Comments  / in General

New TAG Poster Maps v.3 to v.5; SANS Top 20 Critical Controls and NIST SP 800 Pubs

The Anfield Group’s very poplar mappings of NERC CIP Version 3 to Version 5 and the SANS Top 20 Critical Controls have been updated into a new poster that maps NERC CIP Version 3 to Version 5, The SANS Top 20 Critical Controls, and the NIST SP 800 series publications. The idea has always been ...

 / 2 Comments  / in General

Austin Summit to Focus on Protecting National Power Grid From Cyber and Physical Attacks

AUSTIN, TX (June 15, 2015) – On August 5-6, Austin will host the 4th Annual Technologies for Security and Compliance Summit. Held at the Barton Creek Resort and Spa, the summit provides a unique opportunity to meet the people who provide the expertise and tools needed to protect the North Amer...

 / No Comments  / in General, Press Release