AMPYX CYBER

@[email protected]
103 Followers
0 Following
349 Posts
The premier OT security consulting firm. Securing the critical things in your world. We keep you ahead of your adversaries - and your auditors.
www.ampyxcyber.com
Websitehttps://www.ampyxcyber.com
LinkedInhttps://www.linkedin.com/company/ampyx-cyber
YouTubehttps://www.youtube.com/@ampyxcyber
AMPYX CYBER3d ago

Stop chasing checklists.

Our 3.5-day NERC CIP Bootcamp moves past the theory into the technical reality of the grid. From CIP-002 to the new CIP-015, Low Impact to Virtualization, learn to stay ahead of your adversaries and your auditors.

Register here: https://ampyxcyber.com/training

AMPYX CYBER4d ago
Claude Mythos and the OT Threat Horizon: What Utility Operators Need to Know Now https://ampyxcyber.com/blog/claude-mythos-and-the-ot-threat-horizon-what-utility-operators-need-to-know-now
AMPYX CYBERApr 9

Stop chasing checklists.

Our 3.5-day NERC CIP Bootcamp moves past the theory into the technical reality of the grid. From CIP-002 to the new CIP-015, Low Impact to Virtualization, learn to stay ahead of your adversaries and your auditors.

Register here: https://ampyxcyber.com/training

AMPYX CYBERMar 24
The E-ISAC is doing serious work inside a structure that limits how far that work can go. Both things are true. Our analysis of the 2025 End-of-Year Report: https://ampyxcyber.com/blog/the-e-isacs-2025-report-real-progress-remaining-constraints
AMPYX CYBERMar 23

NERC Industry Survey: Physical Supply Chain Risk Management
https://www.surveymonkey.com/r/SCS-PhysicalRiskReport

Supply Chain Subcommittee (SCS) is seeking industry feedback on physical supply risks to inform the physical supply risk report.

AMPYX CYBERMar 19

FERC approved Orders 918 & 919 today. CIP virtualization standards, new low-impact controls, and an updated Control Center definition. All registered entities affected. 24 and 36 month implementation windows. Start your assessments now.

Full breakdown: https://ampyxcyber.com/blog/ferc-issues-orders-on-virtualization-and-low-impact-what-changed-and-what-you-need-to-do

AMPYX CYBERMar 17
The E-ISAC is doing serious work inside a structure that limits how far that work can go. Both things are true. Our analysis of the 2025 End-of-Year Report: https://ampyxcyber.com/blog/the-e-isacs-2025-report-real-progress-remaining-constraints
AMPYX CYBERMar 16
The new National Cyber Strategy calls compliance checklists a problem. We've been saying that for years. But deregulation and security aren't the same thing either. What replaces a requirement matters more than removing it. Full analysis at https://ampyxcyber.com/blog/redesigning-the-machine-nerc-board-accepts-transformational-standards-modernization-plan-p2b7w
AMPYX CYBERMar 9
The new National Cyber Strategy calls compliance checklists a problem. We've been saying that for years. But deregulation and security aren't the same thing either. What replaces a requirement matters more than removing it. Full analysis at https://ampyxcyber.com/blog/redesigning-the-machine-nerc-board-accepts-transformational-standards-modernization-plan-p2b7w
AMPYX CYBERFeb 17
Coordinated destructive cyberattacks across 30+ renewable farms, a CHP plant, and manufacturing in Poland. Not ransomware. Sabotage. Custom wiper malware designed to damage RTUs, PLCs, relays, and serial device servers. https://ampyxcyber.com/blog/polands-energy-sector-attack-when-cyber-sabotage-targets-ot
Poland's Energy Sector Attack: When Cyber Sabotage Targets OT — AMPYX CYBER

On December 29, 2025, Poland experienced coordinated destructive cyberattacks across 30+ wind/solar farms, a CHP plant, and manufacturing. Attackers exploited FortiGate devices without MFA, used default credentials on OT equipment, and deployed custom wiper malware designed to damage industrial cont

AMPYX CYBER