AICPA SOC Service Organizations - Certrec

Certrec Attends North American Generator Forum: GENerating Reliability and Resiliency 2022 – Compliance Conference and Annual Meeting


Atlanta, Georgia, October 11 – 13, 2022– Certrec sponsored and attended the North American Generator Forum: GENerating Reliability and Resiliency 2022 – Compliance Conference and Annual Meeting. At this event, Certrec presented on cyber security in the energy sector and commonly occurring pitfalls plaguing the industry. With cyberattacks on the rise, it is not a matter of if, but when an incident will occur.

Cybersecurity attacks on the energy sector are a way to attack public safety, the economy, and the environment. When thinking of power plant vulnerabilities, the acronym MARS can help explain the causes of cybersecurity weaknesses in power plants. MARS stands for:

  • Merging OT and IT networks
  • Authentication weaknesses
  • Remote access on the increase
  • Slow installation of security updates

Each of these categories opens a power plan to threats. Unauthorized modification of configuration settings, weak passwords, increased entry points for hackers, and reduced or non-dedicated IT are all created from security weaknesses induced from MARS. Power plants must better prepare to meet these threats before they cause fines and lasting reputational damages. 

What is MARS - Certrec