FEMA Resources for Climate Resilience

Agency News, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector, Transport sector, Water sector

As climate change increases disaster risks across the country, emergency managers and government officials are beginning to implement strategies to build community resilience. FEMA Resources for Climate Resilience provides a roadmap of Federal Emergency Management Agency (FEMA) programs and initiatives that advance community climate resilience. FEMA Resources for Climate Resilience assists FEMA’s state, local, tribal, and territorial (SLTT) partners in navigating the FEMA resources that are available to support communities in mitigating impacts of climate change.

Building resilience is a long-term, ongoing cycle that requires multiple steps to accomplish. Each section of the FEMA Resources for Climate Resilience corresponds with a step in that cycle and provides information about FEMA services, programs, and grants available to SLTT partners. Each SLTT partner has a unique experience with FEMA and has participated in different elements of the resilience cycle. SLTT partners with limited FEMA experience may choose to start from the beginning of FEMA Resources for Climate Resilience, while other SLTT partners may navigate directly to their program of choice.

Each section of FEMA Resources for Climate Resilience provides a brief description of the program, service, or grant, an overview of who can apply, examples of the FEMA programs in action, and helpful tools and resources for learning more about the program, service, or grant. In addition, where applicable, FEMA Resources for Climate Resilience also points out areas where equity can be prioritized. FEMA Resources for Climate Resilience explains how existing tools, such as the National Risk Index (Risk Index), can assist SLTT governments and their communities, right now, in making informed planning decisions including considerations of impacts from future weather conditions.

FEMA Resources for Climate Resilience also provides a quick glance at FEMA funding sources, such as the Building Resilient Infrastructure and Communities (BRIC) program, designed to support communities in building capability and capacity to mitigate the increasing impacts of climate change.

FEMA Resources for Climate Resilience is available to download at https://www.fema.gov/sites/default/files/documents/fema_resources-climate-resilience.pdf

Leave a comment , ,

DHS Issues National Terrorism Advisory System (NTAS) Bulletin

Agency News, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector, Transport sector

The Secretary of Homeland Security Alejandro N. Mayorkas has issued a National Terrorism Advisory System (NTAS) Bulletin regarding the continued heightened threat environment across the United States. This is the fifth NTAS Bulletin issued by the Department of Homeland Security since January 2021.

“DHS remains committed to proactively sharing timely information and intelligence about the evolving threat environment with the American public,” said Secretary Alejandro N. Mayorkas. “We also remain committed to working with our partners across every level of government and in the private sector to prevent all forms of terrorism and targeted violence, and to support law enforcement efforts to keep our communities safe. This NTAS Bulletin outlines the key factors that have increased the volatility, unpredictability, and complexity of the current threat environment, and highlights resources for individuals and communities to stay safe.”

The United States remains in a heightened threat environment fueled by several factors, including an online environment filled with false or misleading narratives and conspiracy theories, and other forms of mis- dis- and mal-information (MDM) introduced and/or amplified by foreign and domestic threat actors. These threat actors seek to exacerbate societal friction to sow discord and undermine public trust in government institutions to encourage unrest, which could potentially inspire acts of violence. Mass casualty attacks and other acts of targeted violence conducted by lone offenders and small groups acting in furtherance of ideological beliefs and/or personal grievances pose an ongoing threat to the nation.

While the conditions underlying the heightened threat landscape have not significantly changed over the last year, the convergence of the following factors has increased the volatility, unpredictability, and complexity of the threat environment: (1) the proliferation of false or misleading narratives, which sow discord or undermine public trust in U.S. government institutions; (2) continued calls for violence directed at U.S. critical infrastructure; soft targets and mass gatherings; faith-based institutions, such as churches, synagogues, and mosques; institutions of higher education; racial and religious minorities; government facilities and personnel, including law enforcement and the military; the media; and perceived ideological opponents; and (3) calls by foreign terrorist organizations for attacks on the United States based on recent events.

DHS and the Federal Bureau of Investigation (FBI) continue to share timely and actionable information and intelligence with the broadest audience possible. This includes sharing information and intelligence with our partners across every level of government and in the private sector. Under the Biden-Harris Administration, DHS is prioritizing combating all forms of terrorism and targeted violence, including through its efforts to support the first-ever National Strategy for Countering Domestic Terrorism. Since January 2021, DHS has taken several steps in this regard, including:

  • established a new domestic terrorism branch within DHS’s Office of Intelligence and Analysis dedicated to producing sound, timely intelligence needed to counter domestic terrorism-related threats;
  • launched the Center for Prevention Programs and Partnerships (CP3) to provide communities with resources and tools to help prevent individuals from radicalizing to violence;
  • designated domestic violent extremism as a “National Priority Area” within DHS’s Homeland Security Grant Program for the first time, resulting in at least $77 million being spent on preventing, preparing for, protecting against, and responding to related threats nationwide;
  • provided $180 million in funding to support target hardening and other physical security enhancements to non-profit organizations at high risk of terrorist attack through DHS’s Nonprofit Security Grant Program (NSGP);
  • increased efforts to identify and evaluate MDM, including false or misleading narratives and conspiracy theories spread on social media and other online platforms, that endorse violence; and,
  • enhanced collaboration with public and private sector partners – including U.S. critical infrastructure owners and operators – to better protect our cyber and physical infrastructure and increase the Nation’s cybersecurity through the Department’s Cybersecurity and Infrastructure Security Agency (CISA).

DHS also has renewed its commitment to ensure that all efforts to combat domestic violent extremism are conducted in ways consistent with privacy protections, civil rights and civil liberties, and all applicable laws.

This NTAS Bulletin will expire on June 7, 2022. This NTAS Bulletin provides the public with information about the threat landscape facing the United States, how to stay safe, and resources and tools to help prevent an individual’s radicalization to violence. The public should report any suspicious activity or threats of violence to local law enforcement, FBI Field Offices, or a local Fusion Center.

Leave a comment , ,

TXOne Networks Publishes In-Depth Analysis of Vulnerabilities Affecting Industrial Control Systems

Cyber Security CII sector, Industry News

TXOne Networks, a global leader in OT zero trust and Industrial IoT (IIoT) security, has published its 2021 Cybersecurity Report which focuses on the vulnerabilities that can affect ICS environments. TXOne Networks' threat researchers conducted in-depth analysis of ICS-affecting vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS, a globally-accessible knowledge base of adversary tactics and techniques found in cyber attacks on ICS environments. The results of this Cybersecurity Report enable TXOne Networks to show cyber threat and research trends from 2021 and previous years that will affect the industrial control system (ICS) environment in 2022. One important observation from the report is that cyber attacks on critical infrastructure can be resisted and made significantly easier to repel by applying the OT zero trust methodology, which includes device inspection, preserving critical applications and services, network segmentation, and virtual patching.

The focus of TXOne Networks' Cybersecurity Report lies especially on the analysis of so-called Common Vulnerabilities and Exposures (CVEs) that can affect ICS environments. These industry-critical vulnerabilities are identified each year by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The MITRE ATT&CK for ICS matrix used by TXOne Networks gives an overview of "tactics" (malicious actors' goals during an attack) as well as the specific "techniques" malicious actors will use to accomplish their goals.

2021's ICS-CERT advisories

ICS-CERT advisories are published when an ICS vulnerability is released that attackers could use to cause harm. According to the Cybersecurity Report, the number of advisories dramatically increased in 2021. There were 389 advisories published, which, compared with 2020's number of 249, shows the largest year-to-year growth in the history of the ICS-CERT program. The ever-increasing number of CVEs affecting ICS environments highlights the near-impossibility of comprehensively addressing each specific vulnerability.

2021 also saw fundamental changes in the methods favored by cyber attackers, as well as more advanced and destructive supply chain attacks than ever before. Known recently-active ransomware groups include Maze, Lockbit, REvil, and DarkSide, though their activity levels can vary.

CVEs affecting ICS environments

By taking a closer look at vulnerabilities in ICS-CERT advisories from 2017 to 2021 classified by affected sector, a huge spike in vulnerabilities affecting Critical Manufacturing clearly stands out - 59.8% of CVEs identified in 2021 advisories are considered critical or high-risk.

While Critical Manufacturing is obviously in the lead, the Cybersecurity Report also shows a spike in CVEs which can be used to affect multiple sectors. Both attackers and researchers are likely to take more interest in these kinds of vulnerabilities in 2022 and 2023, because attackers can potentially exploit the same vulnerability across different kinds of operational environments.

"Our analysis of the 613 CVEs identified in advisories in 2021 that are likely to affect Critical Manufacturing environments shows that 88.8% of them might be leveraged by attackers to create an impact and cause varying degrees of disruption to ICS equipment and the environment," said Dr. Terence Liu, CEO of TXOne Networks. "For ICS environments, impact is a critical concern that includes damage or disruption to finances, safety, human lives, the environment, and equipment."

Supply Chain and Work Site Security

According to the Cybersecurity Report, while ICS-CERT shows information about CVEs that is immediately useful and necessary, it might be missing some information that can streamline the process of addressing them. More complete information provided by the National Vulnerability Database (NVD) can be critical in the creation of Software Bills of Materials (SBOMs) and the prevention of supply chain attacks, but almost 25% of CVEs take more than 3 months to reach this stage of documentation.

This underscores some crucial points. First, from a security point of view, no organization can depend on one source for cybersecurity information. In other words, ICS cybersecurity is a group effort that can't be effectively accomplished without comparing multiple sources of information. Second, due to an extended timeline for information availability, organizations can't rely on vendor patches or even released research to secure operations.

Leave a comment , ,

Germany Broadens Definition of ‘Critical Infrastructures’

Cyber Security CII sector, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector, Transport sector

The second amendment of the Ordinance on the Designation of Critical Infrastructures under the BSI Act entered into effect on January 1, 2022. Such amendment broadens the definition of “critical infrastructures,” which are of particular relevance for Germany’s foreign direct investment screening regime.

This amendment follows the latest update (the 17th amendment) to the Foreign Trade and Payments Ordinance (Außenwirtschaftsverordnung, AWV) which entered into effect on May 1, 2021. Such amendment materially expanded the catalogue of sectors of particular relevance to Germany’s order and security[1] and introduced more differentiated thresholds.

In addition, since May 28, 2021, a mandatory foreign direct investment (FDI) filing is triggered if the German target business develops or manufactures certain IT components which are used in critical infrastructures (so-called critical components).

The second amendment of the Ordinance on the Designation of Critical Infrastructures under the BSI Act (BSI-KritisV or Law) comprehensively revises the definitions and thresholds required to designate critical infrastructures (energy, water, nutrition, IT and telecommunication, health, finance and insurance, and transport and traffic). The following amendments of the Law will likely have the most significant impact on German FDI screening, further increasing the number of notifications to the German Ministry of Economics and Climate Action:

Definition of a “Facility”: The concept of a “facility” is generally an essential prerequisite for the assumption of a critical infrastructure under the BSI-KritisV. In addition to premises and other fixed installations, machinery, equipment, and other mobile installations, the updated “facility” definition now also explicitly includes software and IT services necessary for the provision of a critical service for the operation of a critical infrastructure. Relevant software and IT services do not need to be specially developed for the operation of critical infrastructures to fall in the scope of the updated “facility” definition. This may result in third-party IT and software service providers being designated as operators of a critical infrastructure.
Energy Sector: The thresholds for power plants to be considered a critical infrastructure were lowered from 420 megawatts to 104 megawatts. Further, the updated BSI-KritisV introduces new categories of facilities (trading systems and facilities relevant for the trade of gas or petroleum) and also lowers the existing threshold for trading systems and facilities relevant for the trade of electricity from 200 terawatt-hours to 3.7 terawatt-hours per year.
IT and Telecommunication Sector: The Law reduces the existing thresholds for internet exchange points (IXPs)—number of connected autonomous systems (annual average)—from 300 to 100, as well as the thresholds for computer centers/housing—contractually agreed installed power in megawatts—from 5 megawatts to 3.5 megawatts.
Health Sector: The Law introduces a new facility category, the so-called “laboratory information network”. A laboratory information network is a network of facilities or systems that provide IT services for diagnosis and therapy control in human medicine for at least one laboratory.
Finance and Insurance Sector: The Law introduces new facility categories related to the trading in securities and derivatives. These concern systems for generating orders for trading securities and derivatives and forwarding them to a trading venue exceeding 6,750,000 transactions per year; trading systems (as defined in Article 4 number 24 of Directive 2014/65/EU) exceeding 850,000 transactions per year; and other depository management systems exceeding 6,750,000 transactions per year.
Transport Sector: The Law introduces new facility categories—for instance, air and port traffic control centers, port information systems, and others.

The amendment of the Law will increase the number of businesses designated to be operators of a critical infrastructure. The Federal Ministry of Interior and Community estimated in this respect that the number of operators of critical infrastructures will increase from a total of approximately 1,600 to a total of approximately 1,870.

Operators of critical infrastructures are primarily subject to the obligations of the BSI-KritisV, in particular, notification of IT security breaches. In addition, the broadened definition of critical infrastructures may increase the number of mandatory notifiable transactions under the German FDI provisions. Foreign investors should therefore factor this into their diligence efforts when considering the acquisition of voting rights in German domiciled companies.

[Source: Morgan Lewis]
Leave a comment ,

How is the Federal Government Approaching Climate Resilience?

Agency News, Industry News, Transport sector

Extreme weather events—like wildfires, hurricanes, and some winter storms—threaten the stability of critical infrastructure that we rely on every day. This includes systems like roads, electric grids, supply chains, as well as how this infrastructure is used for military operations. The projected impact of climate change on these critical infrastructures is a key source of federal fiscal exposure because of the size of the federal government’s investment and states’ increasing reliance on the federal government for disaster assistance.

This past year may go on record as one of the most active and costly years for extreme weather events. As of Oct. 8, there have been 18 such events, each with losses exceeding $1 billion, according to the National Centers for Environmental Information. Disaster costs are projected to increase as certain extreme weather events become more frequent and intense due to climate change—as observed and projected by the U.S. Global Change Research Program and the National Academies of Sciences, Engineering, and Medicine.

One way to reduce long-term risk to people and property from natural hazards is to enhance climate resilience. Enhancing climate resilience means taking actions to reduce potential future losses by planning and preparing for potential climate hazards, such as extreme rainfall, sea level rise, and drought. The Administration is taking some actions through various climate-related Executive Orders, and we are monitoring implementation of these emerging efforts.

As our climate continues to change, experts say this trend of larger, more costly weather events will also continue. Today’s WatchBlog post looks at some of our work on federal climate-resilience activities.

Climate-resilient public infrastructure

Every year, the federal government spends billions of dollars to maintain buildings, levees, and roads. This cost could grow as certain weather-related events that cause damage increase in frequency and intensity.

For instance, if roads are flooded from dangerous amounts of rainfall or hurricanes, routes used for emergency evacuations can become unsafe and require costly repairs. Road damage due to climate-related changes may even cost up to $20 billion annually by the end of the century, according to the 2018 Fourth National Climate Assessment.

Over the last decade, the Federal Highway Administration (FHWA), which is part of the Department of Transportation (DOT), has developed policies, provided technical assistance, and funded climate-resilience research as part of its efforts to address climate change's impacts on roadways.

In our September report we found that some states were planning, or already made, changes to their infrastructure using FHWA resources. For example, in Maryland authorities raised a bridge by two feet in anticipation of rising sea levels. While some improvements have been made, more can be done to enhance the climate resiliency of federally funded roads. We identified 10 options for DOT to consider. For example, DOT could provide information to states on best practices and how to include climate projections into road planning and design.

DOT agreed to consider our options when prioritizing climate-resilience actions.

Climate-resilient electricity grid

Severe weather is also expected to impact nearly every aspect of the electricity grid—including the generation, transmission, distribution, and demand for electricity. Extreme-weather events could cost billions—from power outages to infrastructure damage—and leave people without access to electricity.

In February 2021, dangerously cold weather spread into Texas causing increased demand for electricity, and about 4.5 million people lost power.

In August 2021, Hurricane Ida resulted in at least a million people, across three states, without electricity and left seven people dead.

How can we better protect the electricity grid?

Although private companies own much of the electricity grid, the federal government is a key player in promoting its resiliency. Since 2014 the Department of Energy (DOE) and the Federal Energy Regulatory Commission (FERC) have taken steps to improve grid resilience, such as partnering with utilities and collecting information on weather-related risks to grid operations. However, DOE still doesn’t have an overall strategy to guide its climate-resiliency efforts despite recognizing the risks. Additionally, FERC hasn’t identified or assessed weather-related risks to the grid.

In a March 2021 report, we recommended that DOE develop a department-wide strategy to enhance grid resilience, and FERC identify and asses risks to the grid and plan a response.

[Source: GAO]
Leave a comment ,

Recommendations for the Implementation of an EU Strategy on Technology Infrastructures

Agency News, Cyber Security CII sector, Industry News

As technology infrastructures (TIs) are critical enablers for the European research, development and innovation ecosystems, the European Commission’s Joint Research Centre (JRC) and the European Association of Research and Technology Organisations (EARTO) recommend a pan-European, agile and sustainable environment for their development, accessibility and governance, within the framework of a dedicated EU strategy.

The key role of TIs in RD&I Ecosystems

TIs are (physical or virtual) facilities and equipment, such as demonstrators, testbeds, piloting facilities and living labs, capable of building bridges between science and the market.

They are mostly created, managed, maintained and upgraded by not-for-profit Research Performing Organisations (mainly Research and Technology Organisations – RTOs, and Technical Universities – TUs), which require dedicated and significant resources and competences.

TIs are open to a wide range of public and private users, large and small, collaborating with TI managers to jointly develop and integrate innovative technologies into new products, processes, and services.

Examples  of  technology  infrastructures  include  facilities  to  develop  electrolyser stacks,  biogas  plants,  clean-room  facilities  for  chip  production,  test  areas  for automated shipping or road traffic safety solutions, wind tunnels, testbeds for multi-functional nano-composites, multi-material 3D printing, thermo-plastics and industrial robotics.

Technology Infrastructures are major building blocks for Europe to deliver on its ambitions of making successful transitions to a sustainable, digital and resilient industry and society.

Industry’s innovation capacity, productivity and international competitiveness heavily depend on possibilities to develop, test, validate and upscale new technological solutions at an ever-faster pace.

Towards an EU strategy for technology infrastructures

A European Commission Staff Working Document on TIs published in 2019 recommended the development of an EU Strategy for Technology Infrastructures building on the experience and the framework of the European Strategy for Research Infrastructures (ESFRI) with its own specificities.

In this context, the JRC and EARTO launched a joint project on TIs to gather evidence and highlight the common specificities of TIs across Europe, assess the challenges they face over their whole lifecycle, and identify how their capacity could be further leveraged.

The JRC and EARTO have just published an analysis of the main strategic elements that would ensure an effective and sustainable management of an integrated landscape for TIs at the European level:

  • Combining and completing the existing repositories and mappings of TIs at EU level, covering both TIs’ locations and the services and facilities they offer, could be used to enable a better understanding of the TIs’ landscape by policymakers and users, foster accessibility to TIs, and create connections between complementary TIs.
  • Roadmapping of future needs for capital expenditure (CAPEX) investments in TIs should be organised with a sectorial value-chain and bottom-up approach, with the involvement of TIs’ stakeholders, by identifying the future needs for TIs in existing roadmaps linked to current EU instruments and actions (e.g. European Partnerships, European Research Area (ERA) Industrial Technology Roadmaps).
  • Setting up a mechanism to draw from sectorial roadmaps and prioritise investments in TIs at European level and/or to coordinate and synchronise national/regional TIs’ roadmaps in strategic sectors would be valuable to maximise the use of public funds.
  • Creating an agile Advisory Board will be necessary to operationalise the prioritisation of investments and the coordination of national/regional TIs’ roadmaps. The board should be composed of Member States experts responsible for TIs within national ministries, as well as relevant stakeholders including RTOs, technical universities, and industry (large and small).
  • TIs need to be developed and upgraded at the same fast pace as the technologies and the products that are developed and tested. A strengthened and clearer pathway of grant-based public support for CAPEX investments for the creation and upgrade of TIs, as well as creating synergies for more structural support at European, national, and regional levels would be essential, as the current funding landscape is very scattered. The support for the creation of new TIs should be designed in complementarity with the support for the upgrade of existing ones, taking a balanced approach between the two.
  • Pan-European accessibility to TIs should be facilitated by fostering the use of TIs in competitively funded projects at EU level, defining harmonised principles for access to TIs, and adopting a one-stop-shop approach in specific value-chains.
  • Creating thematic networks of TIs with a value-chain approach would enable to better integrate and structure the European landscape for TIs, foster capacity building across regions, and spread excellence and expertise to overcome the European innovation divide. Dedicated support and funding for network orchestration activities is needed to explore the full potential of TIs’ networks.
Leave a comment , ,

Pipeline Safety: Manufacturing Defects in Pipeline Components Rarely Contribute to Accidents

Agency News, Industry News, Power/Energy/Oil & Gas sector

Almost 350,000 miles of interstate gas and hazardous liquid transmission pipelines transport products across the U.S. The quality of individual components used in constructing these pipelines is critical to protect life, property, and the environment.

The GAO reviewed data on the quality of fittings, flanges, and valves on interstate transmission pipelines, and found that manufacturing defects rarely contribute to accidents. For instance, such defects contributed to less than 2% of all accidents between 2016-2020. They caused zero deaths or hospitalizations, and spilled fewer gallons of hazardous liquid (on average) than other types of accidents.

Manufacturing defects involving certain pipelines components—specifically fittings, flanges, and valves—accounted for less than 2 percent (23 of 1,529) of all accidents on gas and hazardous liquid interstate transmission pipelines from 2016 through 2020, according to GAO's analysis of Pipeline and Hazardous Materials Safety Administration (PHMSA) data. During this period, none of the reported 10 fatalities or 24 injuries requiring in-patient hospitalizations were related to accidents involving such defects. The amount of product released was also lower than average for all accidents that GAO reviewed. For example, accidents involving manufacturing defects in these pipeline components resulted in the spillage of 69 barrels of hazardous liquid on average, compared to an average release of 242 barrels for all accidents. Many selected stakeholders GAO interviewed also said that manufacturing defects in pipeline components rarely contribute to accidents.

All selected operators GAO interviewed described taking a number of steps to design, inspect, and test pipeline components to ensure quality prior to placing the components into service. Many of these selected operators described taking steps above PHMSA's minimum safety standards. For example, some operators described conducting inspections of manufacturers' processes or requiring manufacturers to maintain voluntary management and design certifications. According to these selected operators, these actions help ensure that manufacturers have the skills and expertise to construct high-quality pipeline components. While selected operators generally did not describe additional testing steps, many of these operators and other stakeholders agreed that defects are often identified during the testing of components. Specifically, PHMSA generally requires that operators conduct a hydrostatic test—whereby the pipeline is pressurized to a level above the normal operating pressure—to ensure the integrity of the pipe and components prior to the pipeline being placed in service.

The U.S. pipeline network includes almost 350,000 miles of interstate gas and hazardous liquid transmission pipelines that operate at high pressures and transport products across the country. The integrity of individual components used in constructing these pipelines is critical to protect life, property, and the environment. These components include fittings to accommodate changes in terrain or direction of the pipe; flanges to connect pipes and other equipment together; and valves to help control the flow and pressure of product in the pipe.

Within the U.S. Department of Transportation, PHMSA sets and enforces the federal minimum pipeline safety standards for pipelines and pipeline facilities, including for the design and manufacture of components. The minimum safety standards apply to owners and operators of pipeline facilities rather than the manufacturers of components.

Due to potential concerns about the manufacturing process for pipeline components, GAO was asked to review the quality of fittings, flanges, and valves on interstate transmission pipelines. This report describes: (1) the extent to which manufacturing defects in pipeline components have contributed to accidents from 2016 through 2020, and (2) the actions selected pipeline operators have taken to ensure the quality of components manufactured for their pipelines.

GAO analyzed PHMSA's accident data on interstate transmission pipelines for gas and hazardous liquid—including number, item involved, cause, related fatalities and injuries, and amount of product released—from 2016 through 2020, the most recent 5-year period for which data were available. GAO assessed the reliability of the data by reviewing PHMSA reports and interviewing PHMSA officials, among other things, and found the data to be sufficiently reliable to describe the frequency in which manufacturing defects contributed to reportable pipeline accidents.

GAO also reviewed relevant pipeline safety statutes and regulations, including those addressing the safety of pipeline components. GAO interviewed officials from PHMSA and the National Transportation Safety Board, as well as representatives from 10 pipeline operators, six industry associations, four pipeline manufacturers, three standards-setting organizations, and one safety group. GAO selected operators that manage interstate transmission pipelines, but vary in size (number of pipeline miles managed); commodities transported (i.e., natural gas and hazardous liquids); accident history; and geographic location. GAO selected the remaining stakeholders based on, among other things, inclusion in prior GAO reports, recommendations from stakeholders, or references in PHMSA's regulations.

Leave a comment , ,

Deputy Secretary General stresses NATO will continue to increase Ukraine’s cyber defences

Agency News, Cyber Security CII sector, Industry News

Deputy Secretary General Mircea Geoană participated virtually at the Cybersec Global 2022 event. Focusing on the tensions between Russia and Ukraine during his keynote speech, the Deputy Secretary General stressed that NATO has been working with Ukraine for years to increase its cyber defences, and will continue to do so at pace.

He said: “The use of hybrid attacks against Ukraine, including cyber-attacks and disinformation, as well as the massing of advanced weapons on its borders, underlines the key role of advanced technology in modern warfare”.

The Deputy Secretary General pointed out that “China and Russia are investing heavily and deploying new technologies with little regard for human rights or international law, aggressively challenging our technological edge”. He recalled that last summer Allies had agreed a new comprehensive cyber defence policy for NATO and went on to say that “we are strengthening our cyber defences and increasing the resilience of our critical infrastructure and supply chains to reduce our vulnerabilities”.

The Deputy Secretary General also noted NATO’s leading role with regard to the new technologies, in areas such as artificial intelligence, autonomous systems, biotechnology, big data, hypersonics, quantum computing and space. He underlined that to avoid any technology gaps, “we are making sure that transatlantic innovation benefits all Allies”. Mr. Geoană emphasized that NATO’s strength comes from its unity and its ability to adapt to remain strong and “retaining our technological edge is a big part of this”, he added.

Leave a comment , , ,

Dstl trials autonomous maritime asset protection system (AMAPS)

Agency News, Industry News, Transport sector

Working with the Royal Navy, industry partners and the US Naval Undersea Warfare Centre, the Defence Science and Technology Laboratory (Dstl) conducted research to improve detection, tracking, classification and defeat capabilities against surface and subsurface threats to high value assets and critical infrastructure, using autonomous systems alongside traditional systems.

Dstl worked collaboratively with an industry consortium comprising QinetiQ, SeeByte, L3 Harris ASV and Thales, to develop a concept demonstrator based on open architectures and autonomous systems. This demonstrator was tested in a synthetic environment to ensure the viability of the concept before experimentation during a 2 week trial in Portland Harbour in October 2021 using Dstl’s containerised system and the Maritime Autonomy Surface Testbed vessel MAST-13.

Different levels of autonomy were evaluated, enabling a better assessment of the role that maritime autonomous systems can play in protecting vulnerable assets while also furthering understanding of the current maturity of the technology.

The trial successfully demonstrated end-to-end autonomy with the remote operation of a long range acoustic device and firing of a vessel arrestor system with the aim to stop a suspect craft.

Future trials will look to stress the system with the aim to assess robustness while completing interoperability tests with the US that were impacted by COVID-19.

Dstl Programme Manager, Alasdair Gilchrist MBE, commented:

The research showed the benefit of integrating multiple sensors, fixed and on uncrewed vessels (UXVs), into a common tactical picture to aid command decisions.

We have progressed maritime Artificial Intelligence/machine learning by developing apps that enable multiple UXVs to be command and controlled from a single operator to protect assets.

We have also developed algorithms to autonomously control and launch non-lethal effectors from uncrewed surface vessels (USVs) to deter aggressors and protect our valuable maritime assets.

Leave a comment

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats

Agency News, Cyber Security CII sector, Industry News

In response to recent malicious cyber incidents in Ukraine—including the defacement of government websites and the presence of potentially destructive malware on Ukrainian systems—CISA has published CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats. The CISA Insights strongly urges leaders and network defenders to be on alert for malicious cyber activity and provides a checklist of concrete actions that every organization—regardless of sector or size—can take immediately to:

- Reduce the likelihood of a damaging cyber intrusion,
- Detect a potential intrusion,
- Ensure the organization is prepared to respond if an intrusion occurs, and
- Maximize the organization’s resilience to a destructive cyber incident.

CISA urges senior leaders and network defenders to review the CISA Insights and implement the cybersecurity measures on the checklist.

Leave a comment , ,
1 24 25 26 27 28 60