If you're looking for my pandemic posts, go here.
You may recall that in March, April and early May, the NERC
RSTC Supply Chain Working Group put on a series of webinars based on the supply
chain security guidelines we had developed (mostly) in 2019. About four of the
recordings were put up right away, but because of technical problems the rest
were just put up last week. You can find them all here, along with the
guidelines documents themselves, and the webinar slides.
I thought all of the webinars were good, but here are my two
favorites:
·
“Risk Considerations for Open Source Software”,
by George Masters of SEL.
·
“Vendor Incident Response”, by Steven Briggs of
TVA
And I would be remiss (my boss would never forgive me!) if I
didn’t mention the two webinars I did. I don’t consider them the best, but
there were decent. Note that my ideas have evolved on both topics, although not
drastically:
·
“Cyber Security Risk Management Lifecycle”
·
“Vendor Risk Management Lifecycle”
Any opinions expressed in this
blog post are strictly mine and are not necessarily shared by any of the
clients of Tom Alrich LLC. If you would like to comment on what you have read here, I would
love to hear from you. Please email me at tom@tomalrich.com.
Are you wondering if you’ve
forgotten something for the 10/1 deadline for CIP-013 compliance? This
post describes three important tasks you
need to make sure you address. I’ll be glad to discuss this with you as well –
just email me and we’ll set up a time to talk.
No comments:
Post a Comment