Director, Cybersecurity Outreach, Texas RE
Below is an excerpt of Certrec Sentinel’s recent interview with Mr. Carver.
To read the full interview, click here.
Certrec Sentinel Question: You’ve been in this industry for more than a decade. What, in your opinion, are the hottest cybersecurity threats at the present time?
Answer: Advanced Persistent Threats (APTs) are at the top of my list. APTs continue to evolve and exploit vulnerabilities with increased sophistication. Past and current vulnerabilities continue to be leveraged by APTs to try to achieve objectives. Examples of the most recent vulnerabilities include “PIPEDREAM,” “Log4j”, various ransomware, and the “SolarWinds Orion Code Compromise.” Fortunately, the NERC CIP Standards offer a baseline of cyber and physical security controls that promote the reduction of risk associated with these threats and vulnerabilities. For example, network security, security patching, malicious code prevention, security event monitoring, and supply chain risk management controls can all be found in various CIP Standards. Today, we are all in a “Shields Up” status because of Russia’s invasion of Ukraine, so it is important that organizations and entities continue to work towards strengthening their cyber and physical security posture.
Certrec Sentinel Question: Please provide a tip to aspiring professionals in the field of CIP compliance.
Answer: Let us start by removing one myth: you do not have to have a decade of experience to make a difference in this profession. This industry needs more individuals to help meet the demand and challenges associated with the reliability and security of our Critical Infrastructure. For aspiring professionals in the field of CIP compliance, do not forget the basics. I leave you with this final thought—we must continue to focus on more diverse candidate pools to help promote innovation and new ways of thinking to foster solutions to the unique opportunities facing the grid. Remember that our differences as individuals make us stronger as a team.
CIP Analyst at Certrec
“Ensure your vendor is implementing cybersecurity best practices when it comes to their products such as the use of software vulnerability code checking applications. Also remember that cybersecurity incidents of this nature should always be reported quickly using the entity’s Incident Response Plan(s), as required by CIP-003 and CIP-008. In these days and times, it is more important than ever to be familiar with your Incident Response Plans. Not only will this be very useful to the entity at the time of the incident, it also helps ensure information regarding a cybersecurity event will be widely disseminated.”
Solar was the most voted answer in this poll; however, research shows that hydro is actually the cheapest renewable energy source. On average, hydroelectricity costs $0.05 per kWh. This is in comparison to solar, which costs about $0.10 per kWh. Interestingly, in some areas, wind can be the cheapest at $0.04 per kWh, though this is inconsistent, as it can cost $0.06 per kWh in other areas.
Distributed energy resources, or DERs, “pose emerging cybersecurity challenges to the electric grid” and they should be designed with security as a “core…
Read more
The U.S. Department of Energy has issued a Notice of Intent to fund a $32 million Bipartisan Infrastructure Law program supporting front-end engineering design studies to produce rare earth elements…
Read more
EE North America recently opened a new office in Austin, Texas, to support its U.S. development pipeline. The company has purchased over 7,000 acres of land to develop its first U.S. Solar projects…
Read more
New Alliance — Certrec is pleased to announce its alliance with Fischer Block. Recently, power plants have increased their digitization efforts to create a more reliable grid. Fischer Block’s new SMART block devices further those effort by alerting power plants to operational…
Educating the Industry — Certrec sponsored and attended the North American Generator Forum: GENerating Reliability and Resiliency 2022 – Compliance Conference and Annual Meeting. Certrec’s Head of Strategic Marketing and Alliances, Fas Mosleh, presented on…
Read more
Customer Achievement — Certrec Assists Abilene Christian University with Molten Salt Research Reactor Construction Permit Application…
Read more
An Industry First — Certrec proudly offers Certrec On-Demand Expertise (CORE) Support hours. With CORE , you can now pay online in advance via credit card. Simply select a fixed number of hours, for immediate on-demand assistance from experienced CORE consultants…
Read more
Newsletter Subscribers Can Use this Code to Save 10% on all Certrec CORE Packages
Don’t know what works for you? Arrange an introductory call for regulatory compliance today.
Click the button below (or call me, John, at 214-552-9589).
Subscribe to the Certrec Sentinel Newsletter here.