Disruption Forum
Leading Through Disruption

WIRED: The Hail Mary Plan to Restart a Hacked US Electric Grid

11/19/2018

Recent world events, including two successful cyber attacks on the Ukrainian power grid and evidence of hacking on the US grid, have changed the experts' assessment of how vulnerable the US electric grid is at this time. WIRED does a good job describing the tangible steps and the recent collaboration of the nation's top defense scientists and representatives of the leading energy companies. Time to start figuring out what we will do AFTER the US grid goes black.
A substation in the RADICS test grid on Plum Island, NY. - DARPA
"IN HIS YEARS-LONG career developing software for power grids, Stan McHann had never before heard the ominous noise that rang out last Wednesday. Standing in the middle of a utility command center, he flinched as a cyberattack tripped the breakers in all seven of the grid's low voltage substations, plunging the system into darkness."  Lily Hay Newman, WIRED

So begins WIRED's tale of how our top engineers and scientists came to accept that our electrical grid is in a state known as "Assume Breach". What this means is that there has not been an attack on our fragile and hard-working grid, but the experts have found the footprints (forensic evidence) that bad actors have been electronically 'roaming' the complex control systems at our most sophisticated and essential utilities, at will and without being detected. These events mirror the first steps taken by Russia in 2 years of breaching the Ukraine electrical grid, except that there the attackers went on to actually bring those grids down to a 'black start' condition, and in some cases equipment was purposely 'bricked'. For example, much of the communications gear was not even repairable and required new equipment to be ordered, configured and installed. Not a rapid process.

With this in mind, DARPA (the Defense Advanced Research Projects Agency) came up with the idea of fast-forwarding past defending the grid and going directly to dealing with a hacked grid, building a tool kit to bring the systems back online before the fabric of society begins to fray. It's not a crazy thought that a few weeks without power could be a game changer for our country. One thing is certain: if our business leaders in all industries, particularly our critical infrastructure, fail to plan for these contingencies, the bad outcomes and costs will be greatly amplified.
READ the full story from WIRED

Integrating Cybersecurity and the Risk Function:

11/15/2018

In this article McKinsey focuses on a seemingly obvious, yet frequently missed opportunity by many CEOs: integrating cybersecurity with the overall risk function. Cybersecurity is often relegated to the CISO and CIO because of its technical nature, but it is, in fact, a major driver for high-consequence business risks, from loss of reputation and revenue to an existential threat. By laying out the opportunities, challenges and the rationale for change, a persuasive case is made for C-Suites to adopt this approach as a high priority.

Another common error is to underestimate the 'institutional inertia' that perpetuates the chasm between the business and cybersecurity. An even greater error is not making the effort to correct it. Only the C-Suite and particularly the CEO have the span of control, the necessary 'levers', to make this happen -- and thus own the amplified risk if not addressed.

Read Cybersecurity and the Risk Function

The Week in Breach: 11/04/18 - 11/10/18

11/15/2018

Here's the latest breach update from Kevin Lancaster at ID Agent. This week cannabis is in the news, and financial institutions took a hit across the globe. Tracking the breaches on a weekly basis is a good way to get a sense of the threat landscape -- and establish a clearer idea of the true costs and impact of these breaches. Let your CIO and CISO give you more details if you think a particular breach is interesting or relevant from YOUR business perspective. Sharing information of this sort provides the basis for meaningful business/technical conversations going forward -- and everyone benefits by applying a business outcome perspective.

The Week in Breach 11/04/18 - 11/10/18


You’re Not Imagining It: Civilization is Flickering

11/9/2018

Michael Assante, Director of Industrials and Infrastructure & Lead for the ICS Curriculum, SANS Institute

"Competing, contradictory voices vie for our attention and trust. On one hand certain reputable experts tell us the sky is about to fall, the curtain is about to close on Western Civilization, and we’d better stockpile water, food and fuel in caves a la Dr. Strangelove. The other more sanguine side says while there is ample cause for concern, the government and the large companies that shape our lives are “managing the risks” and we should largely go about our lives as usual. This 2-part blog series will give you a few tools to better judge for yourself which of these voices is closer to the ground truth so you can “manage” your actions and fears accordingly." - ​Michael Assante

So says Michael Assante, internationally respected expert and thought-leader on cyber security and industrial control systems. These systems are the backbone of our nation's critical infrastructure. Industrial control systems run our energy, healthcare, transportation and manufacturing sectors, and more -- without which we'd be living in a world not too different from the 1800s.

We're honored to have Michael serving on the Disruption Forum's Advisory Council. Though the seriousness of his message may make us uncomfortable, it is a critical responsibility of C-Suites and Boards to maintain this level of situational awareness in order to properly perform their roles in decision making, planning and corporate oversight. 

Read Michael Assante's BIO

Here are the links to this two-part blog post, which appear on the widely read RSA Conference site:

PART ONE

PART TWO

Michael Assante's article is packed with practical non-technical insights, and is literally an "insider thought-piece" about the high-consequence cyber-driven risks facing today's leaders.


    Roger Green

    Founder and CEO of Disruption Forum
Contents Copyright 2013-2019 Disruption Forum, Inc. All Rights Reserved
Disruption Forum (tm) is a trademark of Disruption Forum, Inc.
Trademarks are the property of Disruption Forum, Inc. or their respective owners.
