Insights

The approval of NERC CIP-015-1 marks a major shift in how critical infrastructure operators must defend their environments. For years, compliance efforts focused on keeping attackers out, but CIP-015-1 recognizes that perimeter defenses alone are not enough. Now, asset owners are required to monitor internal network activity to detect and respond to threats moving laterally within trusted networks. This new standard isn't just a regulatory hurdle; it's an opportunity to align compliance with meaningful security improvements that strengthen your operations against modern threats. 1. Introduction FERC's approval of NERC CIP-015-1 marks a pivotal shift in how critical infrastructure operators must secure their environments. This new standard moves beyond perimeter-focused security to require continuous internal network monitoring to detect lateral movement within trusted zones. At Critical Path Security, we see this as an opportunity for asset owners to align compliance with stronger defense against advanced threats. 2. What Is CIP-015-1 and…

Summary: Global IT distributor Ingram Micro experienced a critical ransomware intrusion over the July 4 weekend, forcing it to take internal systems offline. The incident, attributed to the emerging SafePay group, has disrupted ordering, fulfillment, and client access. Here's a detailed breakdown and strategic takeaways. What Happened Starting July 3, Ingram Micro began to experience widespread outages affecting websites, partner portals, the AI-powered Xvantage platform, and license provisioning systems.On July 5, the company officially confirmed a ransomware incident, having detected the malware on internal systems and proactively shut down affected services to contain the attack.The SafePay ransomware gang claimed responsibility, saying they infiltrated due to misconfigured network defenses and accessed sensitive corporate data. Impact Summary Operational Disruption: System downtime prevented order processing and shipments. Partner Friction: MSPs and VARs reported frustrations over limited updates and communication. Potential Data Exposure: SafePay claims theft of financials, IP, bank, and customer records. Global…

Last week, our founder Patrick Kelley had the privilege of presenting on a topic often overlooked in our industry: the mental health challenges facing cybersecurity professionals. The presentation, now featured by the EMC cooperative group (NRECA), highlighted the relentless stress, burnout, and emotional toll that defending critical infrastructure can bring. We talked about how protecting the grid goes beyond patching vulnerabilities and watching alerts; it also means protecting the people who stand watch. Kelley says IT and cyber workers are susceptible to blaming themselves when they feel burned out and thinking it's their responsibility for "unburning out" themselves. He encouraged attendees to lean on their colleagues in the program the way operations crews do during outages and mutual aid events. "The way that we move forward is to be more like the linemen in those trucks," he said. "We need to support each other like they do." The Problem We're…

This past weekend, Ryan Vargas drove the Critical Path Security #28 Dodge Challenger to another podium finish, continuing to prove why he's not only a fierce competitor but also a true ambassador for our brand. But the path to the podium wasn't without challenges. After qualifying, an individual unexpectedly walked onto pit road, forcing Ryan to take evasive maneuvers that destroyed the clutch. With rain drizzling down and time slipping away before the green flag, the DJK Racing crew jumped into action, replacing the clutch on pit road under pressure to get Ryan back into the fight. It was a testament to the grit and determination of Ryan and the entire DJK Racing team, refusing to let circumstances dictate the outcome. And the result? A dominating, hard-fought drive to the front, reminding everyone that overcoming adversity is part of the DNA of both Ryan Vargas and Critical Path Security. None…