Cyber Security Standards: Low Impact Requirements

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Cyber Security Standards: Low Impact Requirements"

Transcription

1 Cyber Security Standards: Low Impact Requirements Scott R. Mix, CISSP, NERC Senior CIP Technical Manager FRCC Compliance Fall Workshop November 10, 11, 12, 2015

2 Goals of Low Impact High Impact Large Control Centers CIP-003 to 009 V3 plus Medium Impact Generation and Transmission Control Centers Similar to CIP-003 to 009 V3 All other BES Cyber Systems (Low Impact) must implement a policy to address: Cybersecurity Awareness Physical Security Controls Electronic Access Controls Incident Response V3/V4 Critical Non-Critical Large Control Centers Generation and Transmission Control Centers Generation and Transmission Small Control Centers Generation and Transmission V5 High Medium Low Non-Impactful (Distribution, Marketing, Business) 2 RELIABILITY ACCOUNTABILITY

3 FERC Final Rule Issued November 3, 2013 Effective February 3, 2014 Four directives: Identify Assess and Correct language Communication Networks Low Impact BES Cyber Systems Transient Devices First two had one-year deadline Filing deadline February 3, RELIABILITY ACCOUNTABILITY

4 Low Impact BES Cyber Systems FERC concerned with lack of objective criteria for evaluating Low Impact protections Introduces unacceptable level of ambiguity and potential inconsistency into the compliance process Open to alternative approaches the criteria NERC proposes for evaluating a responsible entities protections for Low impact facilities should be clear, objective and commensurate with their impact on the system, and technically justified. No detailed inventory required list of locations / Facilities OK 4 RELIABILITY ACCOUNTABILITY

5 Low Impact Rating (L) What are Low Impact BES Cyber Systems? BES Cyber Systems not included in Sections 1 or 2 above that are associated with any of the following assets and that meet the applicability qualifications in Section 4 - Applicability, part 4.2 Facilities, of this standard: 3.1. Control Centers and backup Control Centers Transmission stations and substations Generation resources Systems and facilities critical to system restoration, including Blackstart Resources and Cranking Paths and initial switching requirements Special Protection Systems that support the reliable operation of the Bulk Electric System For Distribution Providers, Protection Systems specified in Applicability section above. 5 RELIABILITY ACCOUNTABILITY

6 What are Low Impact BES Cyber Systems? 6 RELIABILITY ACCOUNTABILITY

7 Low Impact BES Cyber Systems SDT maintained all low impact requirements in CIP-003 Low-only entities only need to comply with CIP-002 and CIP- 003 Added CIP-003 Part 1.2 dealing with security policy for low impact BES Cyber Systems Added Attachments dealing with the technical requirement and measures Kept four original areas 7 RELIABILITY ACCOUNTABILITY

8 Low Impact BES Cyber Systems Security Awareness Security Awareness Cyber Security Awareness: Each Responsible Entity shall reinforce, at least once every 15 calendar months, cyber security practices (which may include associated physical security practices). Essentially the same language as CIP-004 Requirement 1 Part 1.1 for high / medium except for timing Can be the same program as high/medium 8 RELIABILITY ACCOUNTABILITY

9 Low Impact BES Cyber Systems Physical Security Physical Security Physical Security Controls: Each Responsible Entity shall control physical access, based on need as determined by the Responsible Entity, to (1) the asset or the locations of the low impact BES Cyber Systems within the asset and (2) the Low Impact BES Cyber System Electronic Access Points (LEAPs), if any. Key Concepts: o control access o based on need as determined by the Responsible Entity Includes locations containing LEAP devices 9 RELIABILITY ACCOUNTABILITY

10 Low Impact BES Cyber Systems Incident Response Incident Response Modeled from medium impact 6 elements (of 9: collapsed process requirements and update requirements together; no documentation of deviations or specific record retention but still need to demonstrate compliance) 10 RELIABILITY ACCOUNTABILITY

11 Low Impact BES Cyber Systems Incident Response 11 RELIABILITY ACCOUNTABILITY

12 Low Impact BES Cyber Systems Electronic Security Electronic Security Two new definitions LERC and LEAP Similar to but different from ERC and EAP concepts at medium & high Electronic Access Controls: Each Responsible Entity shall: 3.1 For LERC, if any, implement a LEAP to permit only necessary inbound and outbound bi-directional routable protocol access; and 3.2 Implement authentication for all Dial-up Connectivity, if any, that provides access to low impact BES Cyber Systems, per Cyber Asset capability. Seven reference model drawings showing LERC & LEAP in Guidelines and Technical Basis section Models are suggestions and guidance not binding requirements 12 RELIABILITY ACCOUNTABILITY

13 Low Impact BES Cyber Systems Electronic Security ERC - External Routable Connectivity - The ability to access a BES Cyber System from a Cyber Asset that is outside of its associated Electronic Security Perimeter via a bi-directional routable protocol connection. LERC Low Impact External Routable Connectivity - Direct user initiated interactive access or a direct device to device connection to a low impact BES Cyber System(s) from a Cyber Asset outside the asset containing those low impact BES Cyber System(s) via a bi directional routable protocol connection. Point to point communications between intelligent electronic devices that use routable communication protocols for time sensitive protection or control functions between Transmission station or substation assets containing low impact BES Cyber Systems are excluded from this definition (examples of this communication include, but are not limited to, IEC GOOSE or vendor proprietary protocols). 13 RELIABILITY ACCOUNTABILITY

14 Low Impact BES Cyber Systems Electronic Security EAP - Electronic Access Point - A Cyber Asset interface on an Electronic Security Perimeter that allows routable communication between Cyber Assets outside an Electronic Security Perimeter and Cyber Assets inside an Electronic Security Perimeter. LEAP Low Impact BES Cyber System Electronic Access Point - A Cyber Asset interface that controls Low Impact External Routable Connectivity. The Cyber Asset containing the LEAP may reside at a location external to the asset or assets containing low impact BES Cyber Systems. 14 RELIABILITY ACCOUNTABILITY

15 Low Impact BES Cyber Systems Electronic Security 15 RELIABILITY ACCOUNTABILITY

16 Low Impact BES Cyber Systems Electronic Security 16 RELIABILITY ACCOUNTABILITY

17 Low Impact BES Cyber Systems Electronic Security 17 RELIABILITY ACCOUNTABILITY

18 Low Impact BES Cyber Systems Electronic Security 18 RELIABILITY ACCOUNTABILITY

19 Low Impact BES Cyber Systems Electronic Security 19 RELIABILITY ACCOUNTABILITY

20 Low Impact BES Cyber Systems Electronic Security 20 RELIABILITY ACCOUNTABILITY

21 Low Impact BES Cyber Systems Electronic Security 21 RELIABILITY ACCOUNTABILITY

22 Implementation Plan Phased implementation plan: IAC no change (4/1/16) Communication Networks 9 months after the effective date of the standard Transient Devices 9 months after the effective date of the standard Low Impact o Latter of 4/1/17 or 9 months after the effective date of the standard for policy, plan, security awareness, and response o Latter of 9/1/18 or 9 months after the effective date of the standard for physical and electronic security 22 RELIABILITY ACCOUNTABILITY

23 April 1, CIP V5 Approved Effective Date IAC, CN revisions - November 13, 2014 LI, TD revisions - February 12, 2015 Implementation Plan NERC If FERC approves CIPV5R in: Board Standard/Requirement Revision Adoption 3Q15 4Q15 1Q16 CIP not up for revision 1-Apr-16 1-Apr-16 1-Apr-16 CIP Apr-16 1-Apr-16 1-Jul-16 CIP-003-6, R1, part 1.1 H/M - Policy 1-Apr-16 1-Apr-16 1-Apr-16 CIP-003-6, R1, part 1.2 LI - Policy 1-Apr-17 1-Apr-17 1-Apr-17 CIP-003-6, R2 LI - Plan 1-Apr-17 1-Apr-17 1-Apr-17 CIP-003-6, Att 1, Sect. 1 LI - Sec Awareness 1-Apr-17 1-Apr-17 1-Apr-17 CIP-003-6, Att 1, Sect. 2 LI - Phys Security 1-Sep-18 1-Sep-18 1-Sep-18 CIP-003-6, Att 1, Sect. 3 LI - Elec. Access 1-Sep-18 1-Sep-18 1-Sep-18 CIP-003-6, Att 1, Sect. 4 LI - Incident Resp 1-Apr-17 1-Apr-17 1-Apr-17 CIP TCA & RM added to Training 1-Apr-16 1-Apr-16 1-Jul-16 CIP not up for revision 1-Apr-16 1-Apr-16 1-Apr-16 CIP Apr-16 1-Apr-16 1-Jul-16 CIP-006-6, R1, part 1.10* CN 1-Jan-17 1-Jan-17 1-Apr-17 CIP Apr-16 1-Apr-16 1-Jul-16 CIP-007-6, R1, part 1.2* CN, RM capitalized 1-Jan-17 1-Jan-17 1-Apr-17 CIP not up for revision 1-Apr-16 1-Apr-16 1-Apr-16 CIP Apr-16 1-Apr-16 1-Jul-16 CIP Apr-16 1-Apr-16 1-Jul-16 CIP-010-2, R4 TD 1-Jan-17 1-Jan-17 1-Apr-17 CIP TCA & RM added to Guidelines 1-Apr-16 1-Apr-16 1-Jul-16 TCA, RM Glossary Terms TD 1-Jan-17 1-Jan-17 1-Apr-17 BCA, PCA Glossary Terms TD 1-Jan-17 1-Jan-17 1-Apr-17 LERC, LEAP Glossary Terms LIA 1-Apr-17 1-Apr-17 1-Apr-17 V5 E- Date 23 RELIABILITY ACCOUNTABILITY

24 Version X IAC/CN Only CIP-003-X/CIP-010-X CIP-003-6/CIP CIP-003-6/CIP July Initial Ballot October Additional Ballot October Final Ballot CIP Version What? CIP-003-6/CIP Lows/Transients CIP-003-6/CIP November Board Adoption January Additional Ballot January Final Ballot CIP-003-7/CIP directives CIP-003-7/CIP directives February Board Adoption CIP-003-6/CIP-004-6/CIP-006-6/ CIP-007-6/CIP-009-6/CIP-010-2/CIP FERC Filing 2/13/ RELIABILITY ACCOUNTABILITY

25 NOPR for approval issued July 16, 2015 Publication in Federal Register July 22, 2015 Comments due back September 21, 2015 Docket RM pages long Proposes to approve standards, VRF, VSL, and Implementation Plan Possible directed modifications NOPR Proposes to direct development of requirements relating to supply chain 25 RELIABILITY ACCOUNTABILITY

26 Proposes to approve requirements (p.15-20) NOPR The proposed revisions address the 4 directives from Order No. 791 Revisions improve the base-line cybersecurity posture compared to the currently approved standards Propose to approve new definitions (with possible directed changes) Propose to accept VRF and VSL Propose to approve the submitted implementation plan 26 RELIABILITY ACCOUNTABILITY

27 Proposed directives for change Propose to modify CIP-006 to require protections for communication links and sensitive bulk electric system data communicated between all bulk electric system Control Centers. (p.59) NOPR o This includes communication between two (or more) Control Centers, but not between a Control Center and non-control Center facilities such as substations. (p.59) o If latency concerns mitigate against the use of encryption our understanding is that other logical protections are available, and we seek comment on this point. (p.59) 27 RELIABILITY ACCOUNTABILITY

28 NOPR Proposed directives for change Propose to direct development of requirements to provide security controls for supply chain management for industrial control system hardware, software, and services associated with bulk electric system operations. (p.66) o It should not impose obligations on suppliers, vendors or other entities that provide services o It should not dictate the abrogation or re-negotiation of effective contracts o It should set goals for achieving the outcome while allowing flexibility in how to achieve the outcome o It may need to allow exceptions, e.g., to meet safety requirements and fill operational requirements if no secure products are available o It should provide enough specificity so that compliance obligations are clear and enforceable ; requiring a plan would not suffice o References DOE Procurement Guide and NIST SP RELIABILITY ACCOUNTABILITY

29 Seeks comment (and may direct modifications) NOPR On the general proposal for a supply chain requirement, including: features and requirements that should be included; and a reasonable timeframe to develop the standard. On the purpose of the meaning of the term direct in the definition of LERC (i.e., direct user-initiated interactive access and direct device-to-device connection ), and the implementation of the layer 7 application protocol break contained in reference model 6 29 RELIABILITY ACCOUNTABILITY

30 Concerns NOPR The commission is concerned about the lack of transient device controls at Low Impact BES Cyber Systems, including Low Impact Control Centers (p.42) o NERC has not provided adequate justification to limit the applicability for transient devices to high and medium impact only based on information in the record, and directs NERC to provide additional information supporting limiting transient device requirements to high and medium impact only (p.43) o May direct NERC to address potential reliability gap (e.g., extend transient device applicability to low impact) 30 RELIABILITY ACCOUNTABILITY

31 Next Steps Industry (including NERC) will provide comments and responses to the NOPR FERC must read and summarize all the comments Based on comments received, FERC will issue the final order, and may alter or accept proposed directed modifications Possible timeframe for final order by the end of 2015 or early 2016 NOPR 31 RELIABILITY ACCOUNTABILITY

32 Due to FERC September 21, sets of comments filed Many comments on Supply Chain NOPR Responses 32 RELIABILITY ACCOUNTABILITY

33 Supply Chain Supports Commission's attention to the issue NERC Response Request two year development time to include possible technical conferences and development, Need to consider existing industry practices to mitigate supply chain risks Should focus on procedures that responsible entitles can reasonably be expected to implement during procurement Existing standards already contain requirements to help mitigate risks associated with supply chain 33 RELIABILITY ACCOUNTABILITY

34 Control Center communication NERC Response Not opposed to further evaluation and standards development Requirements should not introduce reliability problems (e.g., latency) Should account for various risk levels of BES Control Centers Should be results-based and allow flexibility in how to achieve the desired outcome. 34 RELIABILITY ACCOUNTABILITY

35 NERC Response Transient Devices at Low Impact BES Cyber Systems Existing standards take a risk-based approach, and requiring protection of transient devices at Low Impact may be counter to that approach Documenting how Low Impact devices are protected may divert from protecting high and medium BES Cyber Assets Transient Devices used at both High/Medium and Low will be protected by the proposed revised requirements The Commission's assertion about unfettered propagation of malware is incorrect; the mandated implementation of LEAP will help block such propagation If a directive is determined, is should account for the large number and significant diversity of Low Impact BES Cyber Systems 35 RELIABILITY ACCOUNTABILITY

36 Definition of LERC NERC Response Approved definition requires that access controls are required, and the definition covers situations where a Low Impact BES Cyber System is directly access from outside the asset containing the Low Impact BES Cyber System LEAP is used to control communication directly to the Low Impact BES Cyber System; if the communication does not go directly to the Low Impact BES Cyber System, no LEAP is required If NOPR responses indicate confusion, NERC can issue additional guidance or modify the definition to address the confusion. 36 RELIABILITY ACCOUNTABILITY

37 Other Responses Concerns with clarity of the communications discussion Concepts of LERC and LEAP should be rejected; use existing ERC, EAP and ESP definitions at low Need clarification as to what a Control Center is in order to know what communications to protect Suggest guidance rather than a standard for Supply Chain; standard not required Request 36-month implementation timeframe for communications Apply Control Center communications directive to High / Medium only 37 RELIABILITY ACCOUNTABILITY

38 Other Responses Move Version 5 implementation timeframe to April 1, 2017, and CIP R2 to April 1, 2018 Commission should require a cost/benefit analysis as part of a supply chain standards petition Does communication between control centers include voice? ? Extend low implementation date by 3 years Questions about TCAs (timing, connections, use) Transient Device controls not needed for low Questions about non-programmable communications components (i.e., what are they? list of them?) Communications requirements belong in EOP RELIABILITY ACCOUNTABILITY

39 Other Responses Field communications should be protected as well (and synchrophasor data) Convene a technical conference on supply chain issues Timing issues with communication standards implementation Transient Device requirements for low would inherently require and inventory of Low Impact BES Cyber Systems Transient device requirements should be applied to low Control Center communications should be encrypted 39 RELIABILITY ACCOUNTABILITY

40 Project Development History: CIP Version 5 Revisions page: References Critical-Infrastructure-Protection-Version-5-Revisions.aspx CIP Version 5 Transition page: 40 RELIABILITY ACCOUNTABILITY

41 Questions Scott Mix, CISSP Senior CIP Technical Manager

Cyber Security Standards: Version 5 Revisions. Security Reliability Program 2015

Cyber Security Standards: Version 5 Revisions. Security Reliability Program 2015 Cyber Security Standards: Version 5 Revisions Security Reliability Program 2015 Overview of Development Activities The Team Standard Drafting Team (SDT) appointed to address these revisions in Project

More information

Lisa Wood, Compliance Auditor, Cyber Security, CISA, CBRM, CBRA. CIP R2 Low Impact Assets (LIA) Update January 29, 2015

Lisa Wood, Compliance Auditor, Cyber Security, CISA, CBRM, CBRA. CIP R2 Low Impact Assets (LIA) Update January 29, 2015 Lisa Wood, Compliance Auditor, Cyber Security, CISA, CBRM, CBRA CIP-003-7 R2 Low Impact Assets (LIA) Update January 29, 2015 Agenda Low Impact Progress Anticipated Dates Low Impact Requirement and Implementation

More information

CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments

CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:

More information

152 FERC 61,054 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM15-14-000]

152 FERC 61,054 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM15-14-000] 152 FERC 61,054 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM15-14-000] Revised Critical Infrastructure Protection Reliability Standards (July 16, 2015) AGENCY:

More information

Summary of CIP Version 5 Standards

Summary of CIP Version 5 Standards Summary of CIP Version 5 Standards In Version 5 of the Critical Infrastructure Protection ( CIP ) Reliability Standards ( CIP Version 5 Standards ), the existing versions of CIP-002 through CIP-009 have

More information

Cyber Security Standards Update: Version 5 with Revisions

Cyber Security Standards Update: Version 5 with Revisions Cyber Security Standards Update: Version 5 with Revisions Security Reliability Program 2015 Agenda CIP Standards History Version 5 Format Impact Levels NOPR Final Rule References 2 RELIABILITY ACCOUNTABILITY

More information

CIP v5/v6 Implementation Plan CIP v5 Workshop. Tony Purgar October 2-3, 2014

CIP v5/v6 Implementation Plan CIP v5 Workshop. Tony Purgar October 2-3, 2014 CIP v5/v6 Implementation Plan CIP v5 Workshop Tony Purgar October 2-3, 2014 Revision History CIP v5/v6 Implementation Plan Change History Date Description Initial Release July 25, 2014 Revision V0.1 August-2014

More information

Notable Changes to NERC Reliability Standard CIP-005-5

Notable Changes to NERC Reliability Standard CIP-005-5 MIDWEST RELIABILITY ORGANIZATION Notable Changes to NERC Reliability Standard CIP-005-5 Electronic Security Perimeter(s) Bill Steiner MRO Principal Risk Assessment and Mitigation Engineer MRO CIP Version

More information

CIP-003-5 Cyber Security Security Management Controls

CIP-003-5 Cyber Security Security Management Controls A. Introduction 1. Title: Cyber Security Security Management Controls 2. Number: CIP-003-5 3. Purpose: To specify consistent and sustainable security management controls that establish responsibility and

More information

CIP-003-6 R2 BES Assets Containing Low Impact BCS. Lisa Wood, CISA, CBRA, CBRM Compliance Auditor Cyber Security

CIP-003-6 R2 BES Assets Containing Low Impact BCS. Lisa Wood, CISA, CBRA, CBRM Compliance Auditor Cyber Security CIP-003-6 R2 BES Assets Containing Low Impact BCS Lisa Wood, CISA, CBRA, CBRM Compliance Auditor Cyber Security Slide 2 About Me Been with WECC for 5 years 1 ½ years as a Compliance Program Coordinator

More information

CIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments

CIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments CIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:

More information

CIP-005-5 Cyber Security Electronic Security Perimeter(s)

CIP-005-5 Cyber Security Electronic Security Perimeter(s) A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-5 3. Purpose: To manage electronic access to BES Cyber Systems by specifying a controlled Electronic Security

More information

Voluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org. 2014 Utilities Telecom Council

Voluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org. 2014 Utilities Telecom Council Voluntary Cybersecurity Initiatives in Critical Infrastructure Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org 2014 Utilities Telecom Council Utility cybersecurity environment is full of collaborations

More information

Cyber Security Standards Update: Version 5

Cyber Security Standards Update: Version 5 Cyber Security Standards Update: Version 5 January 17, 2013 Scott Mix, CISSP CIP Technical Manager Agenda Version 5 Impact Levels Format Features 2 RELIABILITY ACCOUNTABILITY CIP Standards Version 5 CIP

More information

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5) Whitepaper North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5) NERC-CIP Overview The North American Electric Reliability Corporation (NERC) is a

More information

Critical Infrastructure Protection 101

Critical Infrastructure Protection 101 C L AR I T Y AS S U R AN C E R E S U LT S M I D W E S T R E LIAB I L I T Y ORGAN I Z AT I ON Critical Infrastructure Protection 101 An Introduction to CIP Version 5 Richard Burt MRO Principal Risk Assessment

More information

NERC Cyber Security Standards

NERC Cyber Security Standards SANS January, 2008 Stan Johnson Manager of Situation Awareness and Infrastructure Security Stan.johnson@NERC.net 609-452-8060 Agenda History and Status of Applicable Entities Definitions High Level of

More information

NERC CIP VERSION 5 COMPLIANCE

NERC CIP VERSION 5 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining

More information

Cyber Security Compliance (NERC CIP V5)

Cyber Security Compliance (NERC CIP V5) Cyber Security Compliance (NERC CIP V5) Ray Wright NovaTech, LLC Abstract: In December 2013, the Federal Energy Regulatory Commission (FERC) issued Order No. 791 which approved the Version 5 CIP Reliability

More information

CIP Information Protection. Ray Sefchik CISA, CISM, CISSP Manager, CIP Compliance Monitoring February 16, 2015

CIP Information Protection. Ray Sefchik CISA, CISM, CISSP Manager, CIP Compliance Monitoring February 16, 2015 CIP-011-2 Information Protection Ray Sefchik CISA, CISM, CISSP Manager, CIP Compliance Monitoring February 16, 2015 Agenda Help entities understand and prepare for the upcoming CIP-011-2 standard Differences

More information

Alberta Reliability Standard Cyber Security Security Management Controls CIP-003-AB-5

Alberta Reliability Standard Cyber Security Security Management Controls CIP-003-AB-5 A. Introduction 1. Title: 2. Number: 3. Purpose: To specify consistent and sustainable security management controls that establish responsibility and accountability to protect BES cyber systems against

More information

CIP Version 5 Supports Unidirectional Security Gateways

CIP Version 5 Supports Unidirectional Security Gateways CIP Version 5 Supports Unidirectional Security Gateways Paul Feldman Independent Director MISO & WECC Lior Frenkel CEO and Co-Founder Waterfall Security Solutions May, 2013 Abstract The NERC CIP Version

More information

Alberta Reliability Standard Cyber Security System Security Management CIP-007-AB-5

Alberta Reliability Standard Cyber Security System Security Management CIP-007-AB-5 A. Introduction 1. Title: 2. Number: 3. Purpose: To manage system security by specifying select technical, operational, and procedural requirements in support of protecting BES cyber systems against compromise

More information

Standard CIP-006-3c Cyber Security Physical Security

Standard CIP-006-3c Cyber Security Physical Security A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3c 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security

More information

Redesigning automation network security

Redesigning automation network security White Paper WP152006EN Redesigning automation network security Presented at Power and Energy Automation Conference (PEAC), Spokane, WA, March 2014 Jacques Benoit Eaton s Cooper Power Systems Abstract The

More information

Notable Changes to NERC Reliability Standard CIP-010-3

Notable Changes to NERC Reliability Standard CIP-010-3 C L AR I T Y AS S U R AN C E R E S U LT S M I D W E S T R E LIAB I L I T Y ORGAN I Z AT I ON Notable Changes to NERC Reliability Standard CIP-010-3 Cyber Security Configuration Change Management and Vulnerability

More information

Deploying RUGGEDCOM CROSSBOW as an Intermediate Remote Access Solution

Deploying RUGGEDCOM CROSSBOW as an Intermediate Remote Access Solution Application description Deploying RUGGEDCOM CROSSBOW as an Intermediate Remote Access Solution RUGGEDCOM CROSSBOW https://support.industry.siemens.com/cs/ww/en/view/109483784 Warranty and Liability Warranty

More information

GE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance

GE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance GE Oil & Gas Cyber Security for NERC CIP Versions 5 & 6 Compliance Cyber Security for NERC CIP Versions 5 & 6 Compliance 2 Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security

More information

KEY CONSIDERATIONS FOR MIGRATING TO THE VERSION 5 NERC CIP CYBER SECURITY STANDARDS

KEY CONSIDERATIONS FOR MIGRATING TO THE VERSION 5 NERC CIP CYBER SECURITY STANDARDS KEY CONSIDERATIONS FOR MIGRATING TO THE VERSION 5 NERC CIP CYBER SECURITY STANDARDS Lenny Mansell Director, Consulting Services 1 January 29, 2014 AGENDA Introduction Multiple paradigm shifts ahead How

More information

Cyber Security for NERC CIP Version 5 Compliance

Cyber Security for NERC CIP Version 5 Compliance GE Measurement & Control Cyber Security for NERC CIP Version 5 Compliance imagination at work Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security Management Controls...

More information

Impact of NERC CIP Version 5 on Synchrophasor Systems

Impact of NERC CIP Version 5 on Synchrophasor Systems Impact of NERC CIP Version 5 on Synchrophasor Systems What the heck do we do NOW? or What are the CIP implications for a substation if we install synchrophasor infrastructure? Disclaimer While I have worked

More information

Standard CIP 007 3a Cyber Security Systems Security Management

Standard CIP 007 3a Cyber Security Systems Security Management A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3a 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for

More information

TASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices

TASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security

More information

NovaTech NERC CIP Compliance Document and Product Description Updated June 2015

NovaTech NERC CIP Compliance Document and Product Description Updated June 2015 NovaTech NERC CIP Compliance Document and Product Description Updated June 2015 This document describes the NovaTech Products for NERC CIP compliance and how they address the latest requirements of NERC

More information

NERC CIP Whitepaper How Endian Solutions Can Help With Compliance

NERC CIP Whitepaper How Endian Solutions Can Help With Compliance NERC CIP Whitepaper How Endian Solutions Can Help With Compliance Introduction Critical infrastructure is the backbone of any nations fundamental economic and societal well being. Like any business, in

More information

When this standard has received ballot approval, the text boxes will be moved to the Guidelines and Technical Basis section of the Standard.

When this standard has received ballot approval, the text boxes will be moved to the Guidelines and Technical Basis section of the Standard. CIP-002-5 Cyber Security BES Cyber System Categorization When this standard has received ballot approval, the text boxes will be moved to the Guidelines and Technical Basis section of the Standard. A.

More information

What s Going on with NERC CIP? Presentation to MISO CIPUG Tom Alrich Manager, Cyber Risk Services Deloitte & Touche LLP Feb.

What s Going on with NERC CIP? Presentation to MISO CIPUG Tom Alrich Manager, Cyber Risk Services Deloitte & Touche LLP Feb. What s Going on with NERC CIP? Presentation to MISO CIPUG Tom Alrich Manager, Cyber Risk Services Deloitte & Touche LLP Feb. 25, 2016 BORING SLIDES ALERT Attention: The following slides were composed by

More information

NERC CIP Compliance with Security Professional Services

NERC CIP Compliance with Security Professional Services NERC CIP Compliance with Professional Services The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is

More information

Alberta Reliability Standard Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-AB-1

Alberta Reliability Standard Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-AB-1 A. Introduction 1. Title: 2. Number: 3. Purpose: To prevent and detect unauthorized changes to BES cyber systems by specifying configuration change management and vulnerability assessment requirements

More information

ReliabilityFirst CIP Evidence List CIP-002 through CIP-009 are applicable to RC, BA, IA, TSP, TO, TOP, GO, GOP, LSE, NERC, & RE

ReliabilityFirst CIP Evidence List CIP-002 through CIP-009 are applicable to RC, BA, IA, TSP, TO, TOP, GO, GOP, LSE, NERC, & RE R1 Provide Risk Based Assessment Methodology (RBAM) R1.1 Provide evidence that the RBAM includes both procedures and evaluation criteria, and that the evaluation criteria are riskbased R1.2 Provide evidence

More information

Transition from NERC CIP Version 3 to Version 5. Joe Bucciero Sr. Manager of Consulting April 8, 2014

Transition from NERC CIP Version 3 to Version 5. Joe Bucciero Sr. Manager of Consulting April 8, 2014 Transition from NERC CIP Version 3 to Version 5 Joe Bucciero Sr. Manager of Consulting jbucciero@corprisk.net April 8, 2014 Agenda NERC CIP Background Effective Dates for V5 Standards Transition to V5

More information

NB Appendix CIP-004-5.1-NB-1 - Cyber Security Personnel & Training

NB Appendix CIP-004-5.1-NB-1 - Cyber Security Personnel & Training This appendix establishes modifications to the FERC approved NERC standard CIP-004-5.1 for its specific application in New Brunswick. This appendix must be read with CIP-004-5.1 to determine a full understanding

More information

Alberta Reliability Standard Cyber Security Physical Security of BES Cyber Systems CIP-006-AB-5

Alberta Reliability Standard Cyber Security Physical Security of BES Cyber Systems CIP-006-AB-5 Alberta Reliability Stard Final Proposed Draft Version 2.0 September 9, 2014 A. Introduction 1. Title: 2. Number: 3. Purpose: To manage physical access to BES cyber systems by specifying a physical security

More information

Alberta Reliability Standard Cyber Security Incident Reporting and Response Planning CIP-008-AB-5

Alberta Reliability Standard Cyber Security Incident Reporting and Response Planning CIP-008-AB-5 Final Forwarding Draft September 29, 2014 A. Introduction 1. Title: 2. Number: 3. Purpose: To mitigate the risk to the reliable operation of the bulk electric system as the result of a cyber security incident

More information

Implementation Plan for Version 5 CIP Cyber Security Standards

Implementation Plan for Version 5 CIP Cyber Security Standards Implementation Plan for Version 5 CIP Cyber Security Standards April 10September 11, 2012 Prerequisite Approvals All Version 5 CIP Cyber Security Standards and the proposed additions, modifications, and

More information

The North American Electric Reliability Corporation ( NERC ) hereby submits

The North American Electric Reliability Corporation ( NERC ) hereby submits December 8, 2009 VIA ELECTRONIC FILING Kirsten Walli, Board Secretary Ontario Energy Board P.O Box 2319 2300 Yonge Street Toronto, Ontario, Canada M4P 1E4 Re: North American Electric Reliability Corporation

More information

NERC CIP Tools and Techniques

NERC CIP Tools and Techniques NERC CIP Tools and Techniques Supplemental Project - Introduction Webcast Scott Sternfeld, Project Manager Smart Grid Substation & Cyber Security Research Labs ssternfeld@epri.com (843) 619-0050 October

More information

Alberta Reliability Standard Cyber Security Personnel & Training CIP-004-AB-5.1

Alberta Reliability Standard Cyber Security Personnel & Training CIP-004-AB-5.1 Alberta Reliability Stard A. Introduction 1. Title: 2. Number: 3. Purpose: To minimize the risk against compromise that could lead to misoperation or instability in the bulk electric system from individuals

More information

Information Shield Solution Matrix for CIP Security Standards

Information Shield Solution Matrix for CIP Security Standards Information Shield Solution Matrix for CIP Security Standards The following table illustrates how specific topic categories within ISO 27002 map to the cyber security requirements of the Mandatory Reliability

More information

149 FERC 61,140 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM14-15-000; Order No.

149 FERC 61,140 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM14-15-000; Order No. 149 FERC 61,140 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM14-15-000; Order No. 802] Physical Security Reliability Standard (Issued November 20, 2014) AGENCY:

More information

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample

More information

Standard TOP Operations Planning

Standard TOP Operations Planning A. Introduction 1. Title: 2. Number: TOP-002-4 3. Purpose: To ensure that Transmission Operators and Balancing Authorities have plans for operating within specified limits. 4. Applicability: 4.1. Transmission

More information

Lessons Learned CIP Reliability Standards

Lessons Learned CIP Reliability Standards Evidence for a requirement was not usable due to a lack of identifying information on the document. An entity should set and enforce a "quality of evidence" standard for its compliance documentation. A

More information

CIP R3 Vulnerability Assessments Compliance Workshop October 27, Carl Bench Compliance Auditor, Cyber Security

CIP R3 Vulnerability Assessments Compliance Workshop October 27, Carl Bench Compliance Auditor, Cyber Security CIP 010 2 R3 Vulnerability Assessments Compliance Workshop October 27, 2016 Carl Bench Compliance Auditor, Cyber Security 2 CIP 010 2 Purpose To prevent and detect unauthorized changes to BES Cyber Systems,

More information

NERC CIP Standards and NIST Smart Grid Update

NERC CIP Standards and NIST Smart Grid Update NERC CIP Standards and NIST Smart Grid Update Keith Stouffer Program Manager National Institute of Standards and Technology Keith.stouffer@nist.gov Topics NERC Critical Infrastructure Protection (CIP)

More information

TRIPWIRE NERC SOLUTION SUITE

TRIPWIRE NERC SOLUTION SUITE CONFIDENCE: SECURED SOLUTION BRIEF TRIPWIRE NERC SOLUTION SUITE TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on our mission of delivering

More information

Nokia mission-critical communications networks solution for power utilities

Nokia mission-critical communications networks solution for power utilities Nokia mission-critical communications networks solution for power utilities Attaining NERC CIP version 5 reliability standards compliance Application note 1 Application note Abstract Since its advent,

More information

Maximize Security to Minimize Compliance Costs. Technical Solutions Focused Webinar July 28, 2015 Sponsored by Waterfall Security Solutions

Maximize Security to Minimize Compliance Costs. Technical Solutions Focused Webinar July 28, 2015 Sponsored by Waterfall Security Solutions Maximize Security to Minimize Compliance Costs Technical Solutions Focused Webinar July 28, 2015 Sponsored by Waterfall Security Solutions Agenda Welcome and Panel Introduction Goals Why consider unidirectional

More information

TOP 10 CHALLENGES. With suggested solutions

TOP 10 CHALLENGES. With suggested solutions NERC CIP VERSION 5 TOP 10 CHALLENGES With suggested solutions 401 Congress Avenue, Suite 1540 Austin, TX 78791 Phone: 512-687- 6224 E- Mail: chumphreys@theanfieldgroup.com Web: www.theanfieldgroup.com

More information

Completed. Document Name. NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method

Completed. Document Name. NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method R2 Critical Asset Identification R3 Critical Cyber Asset Identification Procedures and Evaluation

More information

NERC CIP Compliance 10/11/2011

NERC CIP Compliance 10/11/2011 NERC CIP Compliance 10/11/2011 Authored by Dan Barker, American Transmission Co. Ron Bender, Nebraska Public Power District Richard Burt, Minnkota Power Cooperative, Inc. Marc Child, Great River Energy

More information

CrossBow NERC CIP Compliance Matrix

CrossBow NERC CIP Compliance Matrix Section Requirement CIP-002-1 Cyber Security Critical Cyber Asset Identification R3, M3 the Responsible Entity shall develop a list of associated Critical Cyber Assets essential to the operation of the

More information

Securing Distribution Automation

Securing Distribution Automation Securing Distribution Automation Jacques Benoit, Cooper Power Systems Serge Gagnon, Hydro-Québec Luc Tétreault, Hydro-Québec Western Power Delivery Automation Conference Spokane, Washington April 2010

More information

Patching & Malicious Software Prevention CIP-007 R3 & R4

Patching & Malicious Software Prevention CIP-007 R3 & R4 Patching & Malicious Software Prevention CIP-007 R3 & R4 Scope Compliance Assessment Summary Introspection & Analysis Program-In Review Maturity Model review Control Design review Process Components of

More information

CIP Version 5 Transition Guidance

CIP Version 5 Transition Guidance CIP Version 5 Transition Guidance September 4, 2014 Kevin B. Perry Dir, Critical Infrastructure Protection kperry.re@spp.org 501.614.3251 Agenda Introduction Critical Asset Identification Options Newly

More information

FINRA Publishes its 2015 Report on Cybersecurity Practices

FINRA Publishes its 2015 Report on Cybersecurity Practices Securities Litigation & Enforcement Client Service Group and Data Privacy & Security Team To: Our Clients and Friends February 12, 2015 FINRA Publishes its 2015 Report on Cybersecurity Practices On February

More information

Reclamation Manual Directives and Standards

Reclamation Manual Directives and Standards Electronic Security Perimeter (ESP) Identification and Access Control Process 1. Introduction. A. This document outlines a multi-step process for identifying and protecting ESPs pursuant to the North American

More information

Standard CIP 007 3 Cyber Security Systems Security Management

Standard CIP 007 3 Cyber Security Systems Security Management A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for securing

More information

Cyber Security and Privacy - Program 183

Cyber Security and Privacy - Program 183 Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology

More information

FERC, NERC and Emerging CIP Standards

FERC, NERC and Emerging CIP Standards Protecting Critical Infrastructure and Cyber Assets in Power Generation and Distribution Embracing standards helps prevent costly fines and improves operational efficiency Bradford Hegrat, CISSP, Principal

More information

SecFlow Security Appliance Review

SecFlow Security Appliance Review Solution Paper. SecFlow Security Appliance Review NERC CIP version 5 Compliance Enabler July 2014 Abstract The alarming increase in cyber attacks on critical infrastructure poses new risk management challenges

More information

Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014!

Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014! Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014! October 3, 2013 Scott Sternfeld, Project Manager Smart Grid Substation & Cyber

More information

Information Bulletin

Information Bulletin Public Policy Division Impact of NIST Guidelines for Cybersecurity Prepared by UTC Staff 1. Introduction... 3 2. Cybersecurity Landscape... 3 3. One Likely Scenario... 5 4. Draft NISTIR 7628, Guidelines

More information

Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013

Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013 Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013 Sempra Energy s gas and electric utilities collaborate with industry leaders and a wide range of

More information

Guide to Developing a Cyber Security and Risk Mitigation Plan

Guide to Developing a Cyber Security and Risk Mitigation Plan NRECA / Cooperative Research Network Smart Grid Demonstration Project Guide to Developing a Cyber Security and Risk Mitigation Plan DOE Award No: DE-OE0000222 National Rural Electric Cooperative Association,

More information

North American Electric Reliability Corporation (NERC) Cyber Security Standard

North American Electric Reliability Corporation (NERC) Cyber Security Standard North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation

More information

MOD Demand and Energy Data

MOD Demand and Energy Data A. Introduction 1. Title: Demand and Energy Data 2. Number: MOD-031-2 3. Purpose: To provide authority for applicable entities to collect Demand, energy and related data to support reliability studies

More information

Tempered Networks NERC CIP Alignment

Tempered Networks NERC CIP Alignment NERC CIP Alignment Executive Summary Utilities are currently weighing the advantages of increasing IP connectivity across all levels of operations against the costs of regulatory compliance. Meeting NERC

More information

Meeting IED Integration Cyber Security Challenges. Jacques Benoit Manager Cybectec Product and Technology Training Cooper Power Systems

Meeting IED Integration Cyber Security Challenges. Jacques Benoit Manager Cybectec Product and Technology Training Cooper Power Systems Meeting IED Integration Cyber Security Challenges Jacques Benoit Manager Cybectec Product and Technology Training Cooper Power Systems Jacques.Benoit@cybectec.com INTRODUCTION The Nature of the Risk Utilities

More information

Security Policy for External Customers

Security Policy for External Customers 1 Purpose Security Policy for This security policy outlines the requirements for external agencies to gain access to the City of Fort Worth radio system. It also specifies the equipment, configuration

More information

RE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity

RE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity October 10, 2014 Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 RE: Experience with the Framework for Improving Critical Infrastructure

More information

How to Integrate NERC s Requirements in an Ongoing Automation and Integration Project Framework

How to Integrate NERC s Requirements in an Ongoing Automation and Integration Project Framework How to Integrate NERC s Requirements in an Ongoing Automation and Integration Project Framework Jacques Benoit, Cooper Power Systems Inc., Energy Automations Solutions - Cybectec Robert O Reilly, Cooper

More information

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards SCADA Compliance Tools For NERC-CIP The Right Tools for Bringing Your Organization in Line with the Latest Standards OVERVIEW Electrical utilities are responsible for defining critical cyber assets which

More information

April 28, 2009. Dear Mr. Chairman:

April 28, 2009. Dear Mr. Chairman: April 28, 2009 The Honorable Edward J. Markey Chairman Subcommittee on Energy and Environment Committee on Energy and Commerce U.S. House of Representatives Washington, D.C. 20515 Dear Mr. Chairman: I

More information

Product Bulletin. D20MX / D2x: NERC CIP 5 Response. GE Digital Energy. D20MX, D2x / NERC Critical Infrastructure Protection v5 Response.

Product Bulletin. D20MX / D2x: NERC CIP 5 Response. GE Digital Energy. D20MX, D2x / NERC Critical Infrastructure Protection v5 Response. GE Digital Energy / D2x: NERC CIP 5 Response Product Bulletin Date: January 6, 2015 Classification: GE Information, D2x / NERC Critical Infrastructure Protection v5 Response Overview The purpose of this

More information

When Should the NERC CIP be Applied to Smart Grid Projects?

When Should the NERC CIP be Applied to Smart Grid Projects? When Should the NERC CIP be Applied to Smart Grid Projects? Tobias Whitney The Structure Group tobias.whitney@thestructuregroup.com 314 422 7050 Introductions The Structure Group The Structure Group is

More information

CYBERSECURITY EXAMINATION SWEEP SUMMARY

CYBERSECURITY EXAMINATION SWEEP SUMMARY This Risk Alert provides summary observations from OCIE s examinations of registered broker-dealers and investment advisers, conducted under the Cybersecurity Examination Initiative, announced April 15,

More information

WHITE PAPER CYBER SECURITY AND ELECTRIC UTILITY COMMUNICATIONS WHAT NERC/CIP MEANS FOR YOUR MICROWAVE

WHITE PAPER CYBER SECURITY AND ELECTRIC UTILITY COMMUNICATIONS WHAT NERC/CIP MEANS FOR YOUR MICROWAVE CYBER SECURITY AND ELECTRIC UTILITY COMMUNICATIONS WHAT NERC/CIP MEANS FOR YOUR MICROWAVE MAY 2011 TABLE OF CONTENTS 1.0 INTRODUCTION... 3 2.0 MODERN ELECTRIC UTILITY COMMUNICATIONS... 4 2.1 DOMAINS AND

More information

U.S. Department of Energy Office of Inspector General Office of Audits and Inspections

U.S. Department of Energy Office of Inspector General Office of Audits and Inspections U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Audit Report Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security DOE/IG-0846 January 2011

More information

Entity Name ( Acronym) NCRnnnnn Risk Assessment Questionnaire

Entity Name ( Acronym) NCRnnnnn Risk Assessment Questionnaire Entity Name ( Acronym) NCRnnnnn Risk Assessment Questionnaire Upcoming Audit Date: March 16, 2015 Upcoming Audit Type: O&P Audit Start of Audit Period: March 16, 2012 Date Submitted: Table of Contents

More information

Keeping the Lights On

Keeping the Lights On Keeping the Lights On Fundamentals of Industrial Control Risks, Vulnerabilities, Mitigating Controls, and Regulatory Compliance Learning Goals o Understanding definition of industrial controls o Understanding

More information

LogRhythm and NERC CIP Compliance

LogRhythm and NERC CIP Compliance LogRhythm and NERC CIP Compliance The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is reliable, adequate

More information

CIP R1.5 Spring CIP Audit Workshop. April 14, 2016 Scott Pelfrey, CISA, CISSP, GISP, MBA Senior Technical Auditor

CIP R1.5 Spring CIP Audit Workshop. April 14, 2016 Scott Pelfrey, CISA, CISSP, GISP, MBA Senior Technical Auditor CIP-005-5 R1.5 Spring CIP Audit Workshop April 14, 2016 Scott Pelfrey, CISA, CISSP, GISP, MBA Senior Technical Auditor CIP-005-5 Part 1.5 Learning Objectives Terminology Discussion of IPS/IDS & firewall

More information

Technology Solutions for NERC CIP Compliance June 25, 2015

Technology Solutions for NERC CIP Compliance June 25, 2015 Technology Solutions for NERC CIP Compliance June 25, 2015 2 Encari s Focus is providing NERC CIP Compliance Products and Services for Generation and Transmission Utilities, Municipalities and Cooperatives

More information

Open Enterprise Architectures for a Substation Password Management System

Open Enterprise Architectures for a Substation Password Management System CIGRÉ Canada 21, rue d Artois, F-75008 PARIS (154) Conference on Power Systems http : //www.cigre.org Toronto, October 4-6, 2009 Open Enterprise Architectures for a Substation Password Management System

More information

Cybersecurity: What CFO s Need to Know

Cybersecurity: What CFO s Need to Know Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction

More information

Secure Remote Substation Access Solutions

Secure Remote Substation Access Solutions Secure Remote Substation Access Solutions Supplemental Project - Introduction Webcast October 16, 2013 Scott Sternfeld, Project Manager Smart Grid Substation & Cyber Security Research Labs ssternfeld@epri.com

More information

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice NERC Cyber Security Compliance Consulting Services HCL Governance, Risk & Compliance Practice Overview The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to

More information

NERC-CIP S MOST WANTED

NERC-CIP S MOST WANTED WHITE PAPER NERC-CIP S MOST WANTED The Top Three Most Violated NERC-CIP Standards What you need to know to stay off the list. www.alertenterprise.com NERC-CIP s Most Wanted AlertEnterprise, Inc. White

More information

NICE and Framework Overview

NICE and Framework Overview NICE and Framework Overview Bill Newhouse NIST NICE Leadership Team Computer Security Division Information Technology Lab National Institute of Standards and Technology TABLE OF CONTENTS Introduction to

More information