51 min
Patrick Miller: Discussing the New INSM Requirements for NERC-CIP The PrOTect OT Cybersecurity Podcast
-
- Management
About Patrick Miller: Patrick Miller is a renowned expert in the critical infrastructure protection and cybersecurity industries. With over 35 years of experience, he currently leads Ampere Industrial Security as CEO, offering independent security and regulatory advice for industrial control systems across the globe. He is an active volunteer, public speaker, and member of several critical infrastructure security working groups and has received numerous awards for his work. With deep roots in telecommunications, Patrick has held key positions in regulatory agencies, private consulting firms, and commercial organizations. Today, he is also an instructor for the ICS456 NERC CIP course offered by the SANS Institute.
In this episode, Aaron and Patrick Miller discuss:
The implications of each company having its own interpretation and implementation of compliance and how the latest FERC directive to update NERC-CIP relates to thisThe challenges around writing technology-agnostic and long-lasting standardsHow companies should think about investing in and managing resources for compliance programsHow developments in operational technology is like a new phase of the Industrial Revolution
Key Takeaways:
Compliance policies vary significantly among companies, consultants, and regions, leaving many gray areas for auditors to navigate.Implementing new compliance standards is challenging due to the constantly evolving technology landscape and the difficulty in writing a technology-agnostic and flexible standard. Organizations must find a successful and auditable compliant approach that satisfies the minimum standards and can adapt over time.To ensure your network is secure, visible, and user-friendly, it's essential to have a platform that balances these factors with proper licenses, trained personnel to handle these, and professional services. This will take time to set up, but the effort will pay off in operational benefits and reduced resource waste.Integrating new technologies, such as digital twins, artificial intelligence, and machine learning, into the power system transforms every component of the generation process to the end user.
"I am excited about all the interesting new technologies we're introducing into power systems. There is a lot of really cool, interesting stuff happening, not just in the distribution space but even upwards into the transmission and generation space. Our ability to understand our equipment and prevent maintenance issues and problems is going to go through the roof. Just our ability to see all of this, we will call it another layer of the industrial revolution. Because it will give us a way to interact and use and build our machines in ways that we have never been able to do before." — Patrick Miller
Connect with Patrick Miller:
Website: https://www.amperesec.com
Email: pmiller@amperesec.com
YouTube: https://www.youtube.com/channel/UCPpxHyyVzgJUjlHGAzkkuMw
LinkedIn: https://www.linkedin.com/in/millerpatrickc/
Twitter: https://twitter.com/PatrickCMiller
Connect with Aaron:
LinkedIn: https://www.linkedin.com/in/aaronccrow
Learn more about Industrial Defender:
Website: https://www.industrialdefender.com/podcast
LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/
Twitter: https://twitter.com/iDefend_ICS
YouTube: https://www.youtube.com/@industrialdefender7120
Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.
About Patrick Miller: Patrick Miller is a renowned expert in the critical infrastructure protection and cybersecurity industries. With over 35 years of experience, he currently leads Ampere Industrial Security as CEO, offering independent security and regulatory advice for industrial control systems across the globe. He is an active volunteer, public speaker, and member of several critical infrastructure security working groups and has received numerous awards for his work. With deep roots in telecommunications, Patrick has held key positions in regulatory agencies, private consulting firms, and commercial organizations. Today, he is also an instructor for the ICS456 NERC CIP course offered by the SANS Institute.
In this episode, Aaron and Patrick Miller discuss:
The implications of each company having its own interpretation and implementation of compliance and how the latest FERC directive to update NERC-CIP relates to thisThe challenges around writing technology-agnostic and long-lasting standardsHow companies should think about investing in and managing resources for compliance programsHow developments in operational technology is like a new phase of the Industrial Revolution
Key Takeaways:
Compliance policies vary significantly among companies, consultants, and regions, leaving many gray areas for auditors to navigate.Implementing new compliance standards is challenging due to the constantly evolving technology landscape and the difficulty in writing a technology-agnostic and flexible standard. Organizations must find a successful and auditable compliant approach that satisfies the minimum standards and can adapt over time.To ensure your network is secure, visible, and user-friendly, it's essential to have a platform that balances these factors with proper licenses, trained personnel to handle these, and professional services. This will take time to set up, but the effort will pay off in operational benefits and reduced resource waste.Integrating new technologies, such as digital twins, artificial intelligence, and machine learning, into the power system transforms every component of the generation process to the end user.
"I am excited about all the interesting new technologies we're introducing into power systems. There is a lot of really cool, interesting stuff happening, not just in the distribution space but even upwards into the transmission and generation space. Our ability to understand our equipment and prevent maintenance issues and problems is going to go through the roof. Just our ability to see all of this, we will call it another layer of the industrial revolution. Because it will give us a way to interact and use and build our machines in ways that we have never been able to do before." — Patrick Miller
Connect with Patrick Miller:
Website: https://www.amperesec.com
Email: pmiller@amperesec.com
YouTube: https://www.youtube.com/channel/UCPpxHyyVzgJUjlHGAzkkuMw
LinkedIn: https://www.linkedin.com/in/millerpatrickc/
Twitter: https://twitter.com/PatrickCMiller
Connect with Aaron:
LinkedIn: https://www.linkedin.com/in/aaronccrow
Learn more about Industrial Defender:
Website: https://www.industrialdefender.com/podcast
LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/
Twitter: https://twitter.com/iDefend_ICS
YouTube: https://www.youtube.com/@industrialdefender7120
Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.
51 min