Cyber Security and Privacy - Program 183

Size: px
Start display at page:

Download "Cyber Security and Privacy - Program 183"

Transcription

1 Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology and telecommunications infrastructures to ensure the reliability and security of the electric grid. Cyber security measures must be designed and implemented to protect the electrical grid from attacks by terrorists and hackers. Cyber security measures must also strengthen grid resilience against natural disasters and inadvertent threats such as equipment failures and user errors. The Electric Power Research Institute s (EPRI s) Cyber Security and Privacy program addresses the emerging threats to an interconnected electric sector through cross-sector collaborative research on cyber security technology, standards, and business processes. The program also undertakes collaborative research with industry to assess technologies and controls on data privacy for the electric grid. Research Value The rapid pace of change in the electric sector creates a challenging environment for asset owners and operators to monitor the activities of industry groups, develop an understanding of the security impacts of new technologies, and maintain the right internal resources for assessing technologies. The Cyber Security and Privacy program intends to address this challenge by providing security tools, architectures, guidelines, and testing results to its members. Participation in EPRI s Cyber Security and Privacy program may provide better understanding of industry and government collaborative efforts, and where members should "plug in" to current activities; guidance on developing cyber security strategies and selection requirements; techniques for assessing and monitoring risk; practical approaches to mitigating legacy system risk; early identification of security gaps through lab assessments of security technology; and technology to support managing cyber incidents and increasing the cyber security resiliency of the grid. The Cyber Security and Privacy program is focused on developing security requirements, creating new security technologies, and performing lab assessments of relevant technologies. Members may use the products to enhance their current cyber-security posture and increase the security of systems that are deployed in the future. Key deliverables in this program include continuous mapping of activity in the cyber security and privacy landscape, security solutions and implementation guidance for legacy systems, guidance on assessing and monitoring risk, security management tools for transmission and distribution systems, and security tools and techniques for assessing grid security and cyber security resiliency. Accomplishments The Cyber Security and Privacy portfolio has delivered several key accomplishments that have helped its members and the industry: 1

2 2 Electric Power Research Institute Portfolio 2014 National Electric Sector Cyber Security Organization Resource (NESCOR): EPRI was awarded a contract to provide research and development resources for DOE's public-private partnership NESCOR. EPRI is leading the working groups focused on vulnerability and threat identification, cyber security standards assessment, and technology testing and validation. The results of this work will be used to develop improved threat models, cyber security requirements, and security technologies. To date, NESCOR has delivered the following documents: Smart Energy Profile (SEP) 1.x Summary and Analysis: This technical white paper provides guidance to utilities, regulators, and integrators who are deploying and configuring SEP 1.x in field devices. Guide to Penetration Testing for Electric Utilities: This security test plan provides guidance to electric utilities on how to perform penetration tests in the smart grid domains of advanced metering infrastructure (AMI), demand response (DR), distributed energy resources (DER), distribution grid management (DGM), electric transportation (ET), and wide-area monitoring, protection and control (WAMPAC). Penetration testing is one of the many different types of assessments utilities can perform to evaluate their overall security posture. Draft Electric Sector Failure Scenarios and Analyses: This document includes cyber security failure scenarios and impact analysis for the electric sector. A cyber security failure scenario is a realistic event in which the failure to maintain confidentiality, integrity, and/or availability of sector cyber assets creates a negative impact on the generation, transmission, and/or delivery of power. Legacy System Security: Within the Cyber Security and Privacy program, EPRI is addressing the challenge of reducing the security risk of existing legacy assets. Working with the program advisors, a key legacy system security issue was selected: password management for substation devices. The project focused on analyzing the password management capabilities of multiple substation remote-access vendors. Advanced password management functionality can be used to support NERC CIP compliance requirements, reduce the frequency of password updates due to employee turnover by hiding passwords from users, and reduce the risk of unauthorized access through the use of randomized passwords. Substation Security and Remote Access Implementation Strategies: Within the Cyber Security and Privacy program, EPRI also focused on challenges associated with deploying a secure remote-access solution for substations. These include maintaining security objectives, meeting organizational and operational access restrictions, and supporting NERC CIP compliance. This project developed a set of consolidated requirements for remote substation access solutions. These requirements were provided to vendors to support changing the security and feature sets of their products. Five vendors participated in a workshop at EPRI to demonstrate their products using five test-case scenarios, offering a side-by-side comparison of their capabilities. Current Year Activities In 2014, this program expects to accomplish the following objectives: Track industry and government activities and provide technical contributions to key working groups Address cyber security for select legacy systems security issues Create a security management foundation for transmission and distribution systems Improve the electric sector s ability to detect, respond, and recover from cyber incidents Create security designs and architectures for new smart grid components Develop techniques for assessing and monitoring cyber security risk Develop security metrics for the electric sector Estimated 2014 Program Funding $3.0M Program Manager Galen Rasche,,

3 3 Electric Power Research Institute Portfolio 2014 Summary of Projects PS183A Cyber Security and Privacy Technology Transfer and Industry Collaboration (072129) Project Set The landscape of cyber security and privacy activities in the electric sector involves numerous industry, government, and regulatory groups. This project set can provide members with an up-to-date view of these activities and support the technical contribution to these groups to increase the usability of their work products. Project Number Project Title P Mapping the Smart Grid Cyber Security and Privacy Activities Landscape P Cyber Security and Privacy Technology Transfer and Industry Collaboration This project will provide asset owners and operators with regular updates on smart grid cyber security and privacy activities. This project supports technical participation in industry collaboration efforts to identify cyber security and privacy issues and requirements for the smart grid, informing members and bringing the utility perspective to the efforts. P Mapping the Smart Grid Cyber Security and Privacy Activities Landscape (072128) Cyber-physical security and data privacy have become critical priorities for utilities over the past several decades. Many federal agencies, such as DOE, the Department of Homeland Security, the Department of Defense, state organizations, and various industry and academic organizations are currently leading and executing cyber security and privacy activities, research, and working groups for the smart grid. Many asset owners and operators are currently modernizing their grid systems, with matching funding from DOE under the American Recovery and Reinvestment Act and other grant programs. In addition, the National Institute of Standards and Technology (NIST), as required by the Energy Independence and Security Act, has developed an interoperability framework for the smart grid. A map of these various activities may prevent redundant effort or identify significant gaps in research areas. There are many initiatives researching and assessing the cyber security requirements of the existing electric grid and the smart grid. This project will provide ongoing updates on the status of research and development activities, federal and state policy and regulatory proposals, standards and guidance document development, and organizations that are funding and/or executing cyber security and privacy activities. This project may help asset owners and operators achieve the following: Be knowledgeable about the status of various research programs and standards and guidance development efforts. Gain an understanding of the cyber security and privacy activities currently being undertaken by industry, academic, and government groups.

4 4 Electric Power Research Institute Portfolio 2014 The information may be used by asset owners and operators to do the following: Identify specific activities that are important to the organization Select applicable committees and working groups Identify gaps in current cyber security and privacy activities Reduce the risk of redundancy in research programs Product Title & Cyber Security and Privacy Landscape Mapping Release 9: This product will be available online for all members to access. The online information will be updated regularly as new activities are identified. Cyber Security and Privacy Landscape Mapping Release 10: This product will be available online for all members to access. The online information will be updated regularly as new activities are identified. Cyber Security and Privacy Landscape Mapping Release 11: This product will be available online for all members to access. The online information will be updated regularly as new activities are identified. Cyber Security and Privacy Landscape Mapping Release 12: This product will be available online for all members to access. The online information will be updated regularly as new activities are identified. 04/01/14 07/01/14 10/01/14 12/31/14 P Cyber Security and Privacy Technology Transfer and Industry Collaboration (072130) With increased attention focused on securing the electric sector, numerous industry groups and public-private partnerships have been created to develop new security requirements and technologies. Additionally, working groups of organizations such as the North American Electric Reliability Corporation (NERC) and the Smart Grid Interoperability Panel (SGIP) will continue to have a direct impact on utility operations. These groups are addressing specific needs in the industry; however, utility staff are often unavailable to support all of these efforts. This lack of availability can lead to two key issues: First, utilities are less aware of changes that might impact the industry. Second, products being generated may lack the perspective of the utilities. This project will support active participation and contribution to collaborative efforts and interest groups such as the following: Smart Grid Interoperability Panel (SGIP) Smart Grid Security Committee (SGCC) NESCOR Design Principles Group European Network and Information Security Agency (ENISA) Department of Homeland Security Industrial Control Systems Joint Working Group (ICSJWG) OpenSG Security Nuclear Energy Institute (NEI) European Commission International Electrotechnical Commission (IEC) National SCADA Test Bed (NSTB)

5 5 Electric Power Research Institute Portfolio 2014 This project may help members benefit from cyber security and privacy collaborative efforts in the following ways: Reduce the time necessary to track industry efforts by using a single report for updates. Reduce the risk that key activities are not tracked. Increase the usability of working group products. Increase the effectiveness of security requirements and solutions that are developed. The reports developed from this project may provide a single reference point for members to track the detailed efforts of several industry groups. This project may also increase the relevance and utility of the security reports, controls, and technologies that are being developed. Product Title & Quarter 1 Electric Sector Cyber Security Activities Report: Quarterly update on the activities of the industry and government working groups Quarter 2 Electric Sector Cyber Security Activities Report: Quarterly update on the activities of the industry and government working groups Quarter 3 Electric Sector Cyber Security Activities Report: Quarterly update on the activities of the industry and government working groups Quarter 4 Electric Sector Cyber Security Activities Report: Quarterly update on the activities of the industry and government working groups 04/01/14 07/01/14 10/01/14 12/31/14 PS183B Security Technology for T&D Systems (072136) Project Set This project set will address several security challenges facing transmission and distribution (T&D) systems, such as reducing the security risk to legacy systems, developing protective measures, and managing cyber incidents to increase the resiliency of the grid. Project Number Project Title P Security Strategies and Solutions for Legacy Systems P Protective Measures for Securing T&D Systems P Managing Cyber Security Incidents for T&D Systems This project will focus on mitigating the cyber security risks to legacy systems by creating cyber security mitigation strategies and transition strategies for legacy systems. This project will focus on security architectures, tools, and procedures that provide end-to-end security and support defense-in-breadth features. This project will focus on increasing the sector s ability to respond and recover from cyber incidents (malicious or non-malicious) in a more efficient and predictive manner.

6 6 Electric Power Research Institute Portfolio 2014 P Security Strategies and Solutions for Legacy Systems (072131) Legacy systems continue to pose a security challenge for utilities. Supporting requirements such as integrity, confidentiality, and authentication can be extremely difficult when confronted with the constraints of limited communications bandwidths, lower computation capacity, and legacy protocols. System availability is a primary concern in power control systems and must be taken into account when developing security mitigation strategies. Additionally, vendor design choices such as hard-coding passwords into software also pose security risks. Given the impracticality of replacing these systems, guidance is required to mitigate cyber security risks posed by legacy systems. This project will focus on mitigating the cyber security risk of legacy systems by creating transition strategies, cyber security controls, and procedures for legacy systems. The project will begin with the project advisors prioritizing and selecting a key legacy systems security issue. Once the highest impact legacy system issue is identified, the project will accomplish the following: Develop practical and implementable solutions for existing systems Develop guidelines for implementing the solutions Provide objective estimates of the resources that will be needed to effectively implement the solutions This project may help members by mitigating the security risk to legacy systems in the following ways: Developing security technology options that account for system constraints Creating an understanding of how to implement the recommended security controls Allowing members to prioritize legacy system security projects based on the resources necessary to implement the solutions The cyber security mitigation strategies developed through this project can provide effective and implementable solutions for securing legacy systems. Product Title & Legacy System Mitigation Report: For the security issue selected, this report will provide the results of the risk assessment, risk mitigation solutions, guidelines for implementation, and estimates of technical resources required. 12/31/14 P Protective Measures for Securing T&D Systems (072132) Increasing the security of next-generation energy delivery systems will require a combination of new security architectures, tools, and procedures that provide end-to-end security and support defense-in-breadth strategies. These technologies and their communications protocols must support strong protective measures such as device and application authentication, access control, cryptography, and redundancy with failover mechanisms for continued operation.

7 7 Electric Power Research Institute Portfolio 2014 The objective of this project is to develop a security management architecture for transmission and distribution systems so that network operations centers (NOC), SCADA operations, substations, and field equipment supporting these functions have a consistent set of information security objects in place that are built on a standards-based taxonomy. This project intends to accomplish the following: Investigate available solutions for applying network management system (NMS) technology to power delivery systems. Extend EPRI's 2013 Project 183B research to focus on the implementation of IEC network security management objects. Investigate the application of emerging cyber-physical security devices for providing alerts to the NOC or other monitoring locations. This project may help members by providing the following: Vendor-agnostic measure of substation and field environment security postures Greater security operational awareness for asset owners and operators Evolution of network security management tools that are focused on power delivery systems As market-ready network management systems are available, members may apply the results of EPRI testing and demonstrations as they evaluate and deploy NMSs in their operating environment. Members may also integrate the NMS into their security monitoring systems and processes. Product Title & Guidelines for Applying Network Security Management: This report will describe a network security management architecture for power delivery systems founded on a consistent set of information security objects that are built on a standards-based taxonomy. 12/31/14 P Managing Cyber Security Incidents for T&D Systems (072133) Cyber security research for energy delivery systems has primarily focused on the prevention and detection of cyber incidents. While these efforts are important for the protection of control systems, they do not prepare for the eventuality of a cyber security incident. Energy delivery systems must also be resilient to cyber security incidents and continue to perform critical functions while under duress and during the recovery process. The first step in managing cyber security incidents involves detecting when they occur. However, the complexity of power systems often makes it difficult to detect when attacks are underway. Although individual intelligent electronic devices (IEDs) and systems may produce alerts and alarms for security events, they are often not correlated across distributed systems. Traditional intrusion detection systems (IDS) as well as security information and event management (SIEM) systems need to be tailored to understand attack profiles for power systems. This includes correlating the geographical and temporal nature of events. Additionally, events need to be correlated with the power system data to provide a complete situational awareness. Future work in this project will focus on network security visualization, decision support tools for operators, increasing grid resiliency, and improving the forensics capabilities of transmission and distribution systems.

8 8 Electric Power Research Institute Portfolio 2014 This project will develop methodologies to perform event correlation across distributed power systems and test them for robustness in EPRI s laboratories. The project may include the following steps: Survey current IDS systems for T&D systems to identify gaps Identify barriers to correlating events across disparate systems, such as a lack of standardized events Develop event correlation methodologies that include power systems features, such as geographic location and temporal properties of the event Perform tests in EPRI's event correlation test bed to verify the methodologies Examine ways to correlate event information with power system sensor data to increase situational awareness Work with IDS and SIEM vendors to incorporate findings into future products This project may help members address cyber security incidents in T&D systems by providing methods for real-time assisted detection of cyber events, creating an event correlation test bed for verifying methodologies, and increasing situational awareness by correlating events with power system sensor data. Members may be able to apply the results of this project to more effectively design, deploy, and manage their incident detection and response systems. Product Title & Distributed Cyber Security Event Correlation Methodologies: This report may include methods for correlating cyber security events from multiple operational domains and the results of testing the methods in a representative power system environment. 12/31/14 PS183D Cyber Security Design, Metrics, and Risk Assessment for Energy Delivery Systems (073556) Project Set This project set focuses on security challenges that affect multiple operational domains, such as designing security into products, developing security architectures, creating security metrics for the electric sector, and developing risk assessment methodologies that are designed for power systems. Project Number Project Title P Security Design and Architectures P Security Metrics for Energy Delivery Systems P Assessing and Monitoring Risks This project will focus on the implementation of security testing and evaluation requirements during the procurement process to reduce risks. This project intends to focus on providing metrics that measure the impact of different classes of security controls. This project intends to focus on a risk assessment process that will support the electric sector cyber security risk management maturity model developed by the DOE.

9 9 Electric Power Research Institute Portfolio 2014 P Security Design and Architectures (073557) Asset owner/operators need to deliver cost-effective and reliable power to their customers. Key components of this effort are the various operational systems and cyber assets that are deployed. To rely on these cyber assets, owner/operators must be assured that the cyber assets have been developed in a secure manner and that the necessary cyber security controls have been installed. In the same respect, owner/operators also need assurance that unnecessary or ineffective cyber security controls are not implemented. However, securing devices after they are deployed in a production environment is a difficult undertaking. The electric sector needs to establish a security requirement specification that is tailored for power delivery procurements and includes a prioritization that is related to a graded security index. This specification can be utilized during the procurement process to require suppliers to build security into their products and services. This project will focus on solutions for ensuring that procurement guidelines can be utilized by utilities as security requirements for prospective suppliers, and may include the following: Security requirement specification tailored for procurements Documentation, test, and evaluation evidence requirements needed for suppliers to show proof that they provide security in their products and services This project will help members as they procure products and services to address a more secure and modernized grid by providing: Security requirements that can be engrained in vendor products and solutions A reduced level of risk in the procurement phase for evaluated products and services This project is intended to help members acquire and deploy more secure supplier products and services to reduce security vulnerabilities that have been prevalent in the industry. Product Title & Security Requirements Specification for Suppliers: This report will include a set of security requirements for testing and evaluating suppliers and their products according to a graded security index. 12/20/14 P Security Metrics for Energy Delivery Systems (073558) While many asset owners and operators are performing self-assessments of their control systems, the methods and metrics used vary widely across the electric sector. This lack of consistent criteria and metrics makes it difficult to benchmark and compare the cyber security risk associated with energy delivery systems. It is also difficult to evaluate the impact of security efforts and calculate the return on investment for cyber security controls. Utilities are deploying a variety of tools and techniques to address current and emerging cyber security vulnerabilities and threats. A set of benchmarking criteria could be utilized to measure the effectiveness of

10 10 Electric Power Research Institute Portfolio 2014 implemented classes of security controls within energy delivery systems and the environments in which they reside. A process that measures and monitors the current state of risk-reducing controls would be very useful to the industry. The monitoring of the controls in place and the output of useful metrics can be used to benefit and improve a utility's cyber security program. Such metrics could also be used to provide senior management with an ongoing reporting process and support cyber security investment decisions in areas such as hardware, software, and personnel resources. Creating an effective set of cyber security metrics is a challenging endeavor. However, metrics may be useful in measuring the impact of different classes of security controls. They can be utilized to justify current and future investments in cyber security solutions and resources. This project will focus on developing metrics that utilities may use in assessing the classes of security controls that are implemented within their organization. A set of effective cyber security metrics may improve a utility s ability to measure the impact of different classes of cyber security controls and to understand the tradeoffs associated with cyber security investment decisions. This project may help members as they plan expenditures for cyber security resources. These metrics may be used to measure the value of continued and further investments in the overall cyber program. Product Title & Cyber Security Metrics for Implemented Security Controls: Metrics to measure the impact of different classes of security controls within the energy delivery systems environment. 12/20/14 P Assessing and Monitoring Risks (073559) Assessing and monitoring the cyber security posture for energy delivery systems is vital to understanding and managing cyber security risk. New metrics, methodologies, and tools are required to support real-time risk monitoring and decision making. A cyber security risk assessment provides the basis for determining the type, nature, and severity of cyber security risks facing a utility and provides the basis for all subsequent risk management decision making. A risk assessment includes identifying the threats, vulnerabilities, impacts, and likelihoods of cyber security events. A risk assessment process addresses malicious and non-malicious events and natural events. There are several risk assessment approaches available, but most are primarily focused on the IT and telecommunication sectors. A standardized risk-assessment approach for the electric sector is needed. DOE led an effort to develop a capability maturity model for the electric sector. This initiative defined specific criteria at several levels of maturity. This DOE model does not include criteria for assessing the implemented cyber security controls. This project will focus on developing a risk-assessment and monitoring methodology that members may use to assess the implemented security controls.

11 11 Electric Power Research Institute Portfolio 2014 This project will help members perform a cyber security risk assessment and continuous monitoring activities to determine the security posture of the utility, and identify residual risks. The cyber security risk assessment and continuous monitoring methodology developed through this project may be used to determine the security status of a utility, determine cyber security controls and measures, and identify residual risks. Product Title & Cyber Security Risk Assessment and Continuous Monitoring Methodology: A strategy for performing a risk assessment and providing results to determine the maturity level. 12/20/14

12 12 Electric Power Research Institute Portfolio 2014 NERC CIP Tools and Techniques (105241) Background, Objectives, and New Learning Supplemental Projects Cyber security standards have been developed as a result of continual threats to business and process control networks. In recent years, electric utilities that are part of the bulk electric system (BES) have established cyber security programs to ensure compliance with critical infrastructure protection (CIP) standards requirements of the North American Electric Reliability Corporation (NERC). Compliance with NERC CIP requirements is non-trivial and requires IT staff and control engineers to work together to implement and maintain a cyber security program for control systems. Version 5 of the NERC CIP Standards is currently under review by the Federal Energy Regulatory Commission (FERC) and pending their approval. Although compliance with the currently mandatory Version 3 of NERC CIP has been difficult for utilities, the upcoming Version 5 requirements will increase the scope of cyber assets that must be compliant. This will create significant challenges as new devices and systems come under the purview of CIP Version 5. Project and Summary The objective of this project is to provide techniques for transitioning to the upcoming NERC CIP Version 5 Standards. This will assist utilities in identifying gaps in current tools that have been employed to address the CIP requirements. This will lead to the development of solutions that can be used by asset owners to better validate and enhance the security posture of their critical cyber assets. The project may include topics such as: Identity access management Configuration change management Patch management Determination of BES cyber assets and BES cyber systems based on new Bright-Line Criteria Benefits This project intends to provide participants with the following benefits: Strategies and tools for transitioning existing cyber security programs from the current Version 3 to Version 5 Guidance and techniques for reaching effective regulatory compliance with Version 5 of the NERC CIP Standards

13 13 Electric Power Research Institute Portfolio 2014 Secure Remote Substation Access Solutions (105320) Background, Objectives, and New Learning There is an established need for secure remote substation access solutions that provide support for a wide range of IEDs including current, legacy and future devices, while still delivering the required level of cyber security and compliance support. Leveraging remote, interactive access capabilities with substations can provide new opportunities for data integration solutions such as fault location, asset optimization and power quality monitoring. Remote access systems may also reduce the number of times that field personnel are required to visit substations to retrieve IED configuration or event files for fault location and event analysis. However, balancing the functional requirements against cyber security and regulatory compliance requirements can be very difficult. This balance can be achieved through proper preparation, procedure implementation, and organizational support. The use of commercially available software packages can also ease these transition and implementation efforts. Guidance materials and reference standards relating to substation security, such as NERC CIP v3/4 and v5, the NISTIR 7628 and IEC 62351, should also be considered when developing remote access security requirements. The objective of this project is to investigate and address implementation challenges for Secure Remote Substation Access Security Solutions. This will enable effective application of existing solutions and foster new technology solutions. Project and Summary This project will explore and address a variety of implementation challenges facing Secure Remote Substation Access Solutions. The focus will be on solutions implemented in the electric sector for Transmission Substations, Distribution substations and remote field locations. For each identified challenge, the project team will study implementation options, best practices and capabilities/limitations regarding the challenge. This project may include the use of EPRI s Cyber Security Research Laboratory, as appropriate, to evaluate proposed solutions. EPRI will work with participants to establish and prioritize solution topics to study. A preliminary list of potential topics includes: NERC CIPv5 compliance to new or updated requirements Scalability of solutions of IEC on Remote Substation Access Solutions Universal IED tools/protocols vs. vendor proprietary tools/protocols of migration from command-line interfaces (CLI) on IEDs to web-based interfaces Use of multiple authentication devices/gateways to proxy connections Multiple user groups vs. single organizational owner Access policy/methods from outside the substation vs. inside the substation Coordination of access with operations for safety and situational awareness Asset management and maintenance correlation with Remote Substation Access tools Identification of specific devices that do not easily integrate with Remote Substation Access solutions. Management and tracking of IED configurations Patch management of IEDs

14 14 Electric Power Research Institute Portfolio 2014 EPRI will research and summarize existing industry documentation for the topics selected with a focus on implementation best practices, technology gaps, and new developments. Guidance materials and reference standards relating to substation security, such as NISTIR 7628, NERC CIPv5, IEC and others will also be utilized. The project will include an assessment of specific implementation challenges of remote substation access security solutions through laboratory testing with currently available vendor solutions. A workshop for participants will allow a hands-on approach to gain system familiarization and increased understanding of the implementation challenges discussed. Benefits Participants in this project will gain new knowledge and receive practical implementation guidance for a variety of options for establishing secure remote substation access solutions. This can improve participants abilities to address elements of cyber security standards (such as NERC CIP) through improved understanding of strategies and technology options. Participants may apply the knowledge gained from this project to derive the necessary system level requirements and more effectively implement a secure remote substation access solution.

Secure Remote Substation Access Solutions

Secure Remote Substation Access Solutions Secure Remote Substation Access Solutions Supplemental Project - Introduction Webcast October 16, 2013 Scott Sternfeld, Project Manager Smart Grid Substation & Cyber Security Research Labs ssternfeld@epri.com

More information

future data and infrastructure

future data and infrastructure White Paper Smart Grid Security: Preparing for the Standards-Based Future without Neglecting the Needs of Today Are you prepared for future data and infrastructure security challenges? Steve Chasko Principal

More information

Panel Session: Lessons Learned in Smart Grid Cybersecurity

Panel Session: Lessons Learned in Smart Grid Cybersecurity PNNL-SA-91587 Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG Industry Workshop Jeff Dagle, PE Chief Electrical Engineer Advanced Power and Energy Systems Pacific Northwest National Laboratory

More information

Risk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit

Risk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit Page 1 of 10 Events Partners Careers Contact Facebook Twitter LinkedIn Pike Research Search search... Home About Research Consulting Blog Newsroom Media My Pike Logout Overview Smart Energy Clean Transportation

More information

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved. Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control

More information

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security Boeing Defense, Space & Security Ventures Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security Tristan Glenwright - Boeing BOEING is a trademark of Boeing Management Company. The

More information

Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014!

Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014! Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014! October 3, 2013 Scott Sternfeld, Project Manager Smart Grid Substation & Cyber

More information

Cybersecurity Risk Assessment in Smart Grids

Cybersecurity Risk Assessment in Smart Grids Cybersecurity Risk Assessment in Smart Grids Lucie Langer, Paul Smith, Thomas Hecht firstname.lastname@ait.ac.at AIT Austrian Institute of Technology ComForEn Symposium 2014 Sept 30, 2014 1 Risk Assessment:

More information

EFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013

EFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013 EFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013 1 AGENDA Why Cybersecurity? A Few Helpful Cybersecurity Concepts Developing Expertise:

More information

This chapter provides an overview of cyber security issues and activities by state and federal organizations Cyber security is an ongoing, high

This chapter provides an overview of cyber security issues and activities by state and federal organizations Cyber security is an ongoing, high This chapter provides an overview of cyber security issues and activities by state and federal organizations Cyber security is an ongoing, high priority, active initiative within the utility industry.

More information

Information Bulletin

Information Bulletin Public Policy Division Impact of NIST Guidelines for Cybersecurity Prepared by UTC Staff 1. Introduction... 3 2. Cybersecurity Landscape... 3 3. One Likely Scenario... 5 4. Draft NISTIR 7628, Guidelines

More information

Risk Management in Practice A Guide for the Electric Sector

Risk Management in Practice A Guide for the Electric Sector Risk Management in Practice A Guide for the Electric Sector Annabelle Lee Senior Technical Executive ICCS European Engagement Summit April 28, 2015 Before we continue let s get over our fears and myths

More information

Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014

Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014 Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014 Victoria Yan Pillitteri Advisor for Information Systems Security

More information

IEEE-Northwest Energy Systems Symposium (NWESS)

IEEE-Northwest Energy Systems Symposium (NWESS) IEEE-Northwest Energy Systems Symposium (NWESS) Paul Skare Energy & Environment Directorate Cybersecurity Program Manager Philip Craig Jr National Security Directorate Sr. Cyber Research Engineer The Pacific

More information

April 8, 2013. Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899

April 8, 2013. Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 Salt River Project P.O. Box 52025 Mail Stop: CUN204 Phoenix, AZ 85072 2025 Phone: (602) 236 6011 Fax: (602) 629 7988 James.Costello@srpnet.com James J. Costello Director, Enterprise IT Security April 8,

More information

NERC CIP Tools and Techniques

NERC CIP Tools and Techniques NERC CIP Tools and Techniques Supplemental Project - Introduction Webcast Scott Sternfeld, Project Manager Smart Grid Substation & Cyber Security Research Labs ssternfeld@epri.com (843) 619-0050 October

More information

TRIPWIRE NERC SOLUTION SUITE

TRIPWIRE NERC SOLUTION SUITE CONFIDENCE: SECURED SOLUTION BRIEF TRIPWIRE NERC SOLUTION SUITE TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on our mission of delivering

More information

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Energy Sector Control Systems Working Group Supporting the Electricity Sector Coordinating Council, Oil & Natural Gas

More information

INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT

INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT Utilities WHITE PAPER May 2013 INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT Table of Contents Introduction...3 Problem Statement...4 Solution Requirements...5 Components of an Integrated

More information

SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios

SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios Lucie Langer and Paul Smith firstname.lastname@ait.ac.at AIT Austrian Institute of Technology ComForEn Workshop Monday 29 th September,

More information

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/ 287-1808

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/ 287-1808 cover_comp_01 9/9/02 5:01 PM Page 1 For further information, please contact: The President s Critical Infrastructure Protection Board Office of Energy Assurance U.S. Department of Energy 202/ 287-1808

More information

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191 Interim Techlogy Performance Report 3 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V1 Company Name: The Boeing Company November 19, 2013 1 Interim Techlogy Performance Report 3

More information

Voluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org. 2014 Utilities Telecom Council

Voluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org. 2014 Utilities Telecom Council Voluntary Cybersecurity Initiatives in Critical Infrastructure Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org 2014 Utilities Telecom Council Utility cybersecurity environment is full of collaborations

More information

Feature. SCADA Cybersecurity Framework

Feature. SCADA Cybersecurity Framework Feature Samir Malaviya, CISA, CGEIT, CSSA, works with the Global Consulting Practice-GRC practice of Tata Consultancy Services and has more than 17 years of experience in telecommunications, IT, and operation

More information

How Much Cyber Security is Enough?

How Much Cyber Security is Enough? How Much Cyber Security is Enough? Business Drivers of Cyber Security Common Challenges and Vulnerabilities Cyber Security Maturity Model Cyber Security Assessments September 30, 2010 Business in the Right

More information

NERC CIP VERSION 5 COMPLIANCE

NERC CIP VERSION 5 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining

More information

North American Electric Reliability Corporation (NERC) Cyber Security Standard

North American Electric Reliability Corporation (NERC) Cyber Security Standard North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation

More information

Summary of CIP Version 5 Standards

Summary of CIP Version 5 Standards Summary of CIP Version 5 Standards In Version 5 of the Critical Infrastructure Protection ( CIP ) Reliability Standards ( CIP Version 5 Standards ), the existing versions of CIP-002 through CIP-009 have

More information

CIP Supply Chain Risk Management (RM15 14 000) Statement of Jacob S. Olcott Vice President, BitSight Technologies January 28, 2016

CIP Supply Chain Risk Management (RM15 14 000) Statement of Jacob S. Olcott Vice President, BitSight Technologies January 28, 2016 CIP Supply Chain Risk Management (RM15 14 000) Statement of Jacob S. Olcott Vice President, BitSight Technologies January 28, 2016 My name is Jacob Olcott and I am pleased to share some observations on

More information

Enterprise Security Tactical Plan

Enterprise Security Tactical Plan Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise

More information

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper Best Practices in ICS Security for Device Manufacturers A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security

More information

STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE

STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE COMMITTEE ON ENERGY AND NATURAL RESOURCES UNITED STATES SENATE

More information

TECHNOLOGIES: KEY MARKET FORECASTS: GEOGRAPHIES:

TECHNOLOGIES: KEY MARKET FORECASTS: GEOGRAPHIES: Smart Grid Cyber Security System Reliability, Defense-in-Depth, Business Continuity, Change Management, Secure Telecommunications, Endpoint Protection, Identity Management, and Security Event Management

More information

RE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity

RE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity October 10, 2014 Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 RE: Experience with the Framework for Improving Critical Infrastructure

More information

System Stability through technology

System Stability through technology System Stability through technology 1 Smart Grid Design Goals More increased capabilities More capabilities at the edge and enterprise, pervasive automation Better faster, more reliable & secure The electric

More information

ENERGY SECTOR CYBERSECURITY FRAMEWORK IMPLEMENTATION GUIDANCE

ENERGY SECTOR CYBERSECURITY FRAMEWORK IMPLEMENTATION GUIDANCE ENERGY SECTOR CYBERSECURITY FRAMEWORK IMPLEMENTATION GUIDANCE JANUARY 2015 U.S. DEPARTMENT OF ENERGY OFFICE OF ELECTRICITY DELIVERY AND ENERGY RELIABILITY Energy Sector Cybersecurity Framework Implementation

More information

William Hery (whery@poly.edu) Research Professor, Computer Science and Engineering NYU-Poly

William Hery (whery@poly.edu) Research Professor, Computer Science and Engineering NYU-Poly William Hery (whery@poly.edu) Research Professor, Computer Science and Engineering NYU-Poly Ramesh Karri (rkarri@poly.edu) Associate Professor, Electrical and Computer Engineering NYU-Poly Why is cyber

More information

Update On Smart Grid Cyber Security

Update On Smart Grid Cyber Security Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats

More information

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008 U.S. D EPARTMENT OF H OMELAND S ECURITY 7 Homeland Fiscal Year 2008 HOMELAND SECURITY GRANT PROGRAM ty Grant Program SUPPLEMENTAL RESOURCE: CYBER SECURITY GUIDANCE uidelines and Application Kit (October

More information

Maturation of a Cyber Security Incident Prevention and Compliance Program

Maturation of a Cyber Security Incident Prevention and Compliance Program Maturation of a Cyber Security Incident Prevention and Compliance Program Utilities & Energy Compliance & Ethics Conference February 25, 2013 Houston, Texas Anna Wang Principal Consultant Imminent Cyber

More information

Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security

Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security The Smart Grid Interoperability Panel Cyber Security Working Group September 2010 Table of Contents Table of Contents...2 1. Introduction

More information

Symphony Plus Cyber security for the power and water industries

Symphony Plus Cyber security for the power and water industries Symphony Plus Cyber security for the power and water industries Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 1 01/10/12 10:15 Symphony Plus Cyber security for the power and water industries

More information

ABB Automation Days, Madrid, May 25 th and 26 th, Patrik Boo What do you need to know about cyber security?

ABB Automation Days, Madrid, May 25 th and 26 th, Patrik Boo What do you need to know about cyber security? ABB Automation Days, Madrid, May 25 th and 26 th, Patrik Boo What do you need to know about cyber security? Agenda Threats Risk Assessment Implementation Validation Advanced Security Implementation Strategy

More information

OEB Smart Grid Advisory Committee

OEB Smart Grid Advisory Committee Meeting Summary OEB Smart Grid Advisory Committee Meeting Date: October 1, 2013 Time: 9:30 am 4:00 pm Location: OEB Offices, 2300 Yonge Street The Meeting Summary provides a high level review of the presentations

More information

Big Data, Big Risk, Big Rewards. Hussein Syed

Big Data, Big Risk, Big Rewards. Hussein Syed Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data

More information

Which cybersecurity standard is most relevant for a water utility?

Which cybersecurity standard is most relevant for a water utility? Which cybersecurity standard is most relevant for a water utility? Don Dickinson 1 * 1 Don Dickinson, Phoenix Contact USA, 586 Fulling Mill Road, Middletown, Pennsylvania, USA, 17057 (*correspondence:

More information

Cyber Security Seminar KTH 2011-04-14

Cyber Security Seminar KTH 2011-04-14 Cyber Security Seminar KTH 2011-04-14 Defending the Smart Grid erik.z.johansson@se.abb.com Appropriate Footer Information Here Table of content Business Drivers Compliance APT; Stuxnet and Night Dragon

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample

More information

Data Security Concerns for the Electric Grid

Data Security Concerns for the Electric Grid Data Security Concerns for the Electric Grid Data Security Concerns for the Electric Grid The U.S. power grid infrastructure is a vital component of modern society and commerce, and represents a critical

More information

EEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project

EEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project EEI Business Continuity Conference Threat Scenario (TSP) April 4, 2012 EEI Threat Scenario 1 Background EEI, working with a group of CIOs and Subject Matter Experts, conducted a survey with member companies

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice NERC Cyber Security Compliance Consulting Services HCL Governance, Risk & Compliance Practice Overview The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to

More information

IG ISCM MATURITY MODEL FOR FY 2015 FISMA FOR OFFICIAL USE ONLY

IG ISCM MATURITY MODEL FOR FY 2015 FISMA FOR OFFICIAL USE ONLY IG MATURITY MODEL FOR FY 2015 FISMA 1 Ad-hoc 1.1 program is not formalized and activities are performed in a reactive manner resulting in an adhoc program that does not meet 2 requirements for a defined

More information

National Institute of Standards and Technology Smart Grid Cybersecurity

National Institute of Standards and Technology Smart Grid Cybersecurity National Institute of Standards and Technology Smart Grid Cybersecurity Vicky Yan Pillitteri Advisor for Information Systems Security SGIP SGCC Chair Victoria.yan@nist.gov 1 The National Institute of Standards

More information

Applying IBM Security solutions to the NIST Cybersecurity Framework

Applying IBM Security solutions to the NIST Cybersecurity Framework IBM Software Thought Leadership White Paper August 2014 Applying IBM Security solutions to the NIST Cybersecurity Framework Help avoid gaps in security and compliance coverage as threats and business requirements

More information

Navigate Your Way to NERC Compliance

Navigate Your Way to NERC Compliance Navigate Your Way to NERC Compliance NERC, the North American Electric Reliability Corporation, is tasked with ensuring the reliability and safety of the bulk power system in North America. As of 2010,

More information

Understanding SCADA System Security Vulnerabilities

Understanding SCADA System Security Vulnerabilities Understanding SCADA System Security Vulnerabilities Talking Points Executive Summary Common Misconceptions about SCADA System Security Common Vulnerabilities Affecting SCADA Networks Tactics to Strengthen

More information

Security in the smart grid

Security in the smart grid Security in the smart grid Security in the smart grid It s hard to avoid news reports about the smart grid, and one of the media s favorite topics is security, cyber security in particular. It s understandable

More information

Document ID. Cyber security for substation automation products and systems

Document ID. Cyber security for substation automation products and systems Document ID Cyber security for substation automation products and systems 2 Cyber security for substation automation systems by ABB ABB addresses all aspects of cyber security The electric power grid has

More information

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation

More information

Cyber Security Compliance (NERC CIP V5)

Cyber Security Compliance (NERC CIP V5) Cyber Security Compliance (NERC CIP V5) Ray Wright NovaTech, LLC Abstract: In December 2013, the Federal Energy Regulatory Commission (FERC) issued Order No. 791 which approved the Version 5 CIP Reliability

More information

Communication Security Measures for SCADA Systems

Communication Security Measures for SCADA Systems Communication Security Measures for SCADA Systems Ron Farquharson, MV Consulting, DNP User Group Jim Coats, Triangle MicroWorks, DNP User Group Joe Stevens, Triangle MicroWorks 23 September 2014, Raleigh,

More information

Cyber Security Health Test

Cyber Security Health Test ENERGY Cyber Security Health Test Robin Massink 20-05-2014 1 DNV GL 2013 2014 20-12-2013 SAFER, SMARTER, GREENER Cyber security issues facing the utility industry We are moving from IEC60870-5-101/ DNP3

More information

Cisco Security Optimization Service

Cisco Security Optimization Service Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless

More information

Executive Summary. Cybersecurity cannot be completely solved, and will remain a risk we must actively manage.

Executive Summary. Cybersecurity cannot be completely solved, and will remain a risk we must actively manage. Executive Summary Statement of Nadya Bartol Vice President, Industry Affairs and Cybersecurity Strategist Utilities Telecom Council Before the Subcommittee on Oversight and Subcommittee on Energy Committee

More information

Energy Cybersecurity Regulatory Brief

Energy Cybersecurity Regulatory Brief Energy Understand the regulations that impact the energy industry and accelerate information security initiatives. Contents Overview 3 A Highly Vulnerable Energy Industry 4 Key Regulations to Consider

More information

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems U.S. Office of Personnel Management Actions to Strengthen Cybersecurity and Protect Critical IT Systems June 2015 1 I. Introduction The recent intrusions into U.S. Office of Personnel Management (OPM)

More information

Cyber Security & State Energy Assurance Plans

Cyber Security & State Energy Assurance Plans Cyber Security & State Energy Assurance Plans Michigan Cyber Summit 2011 Friday, October 7, 2011 Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials What is Energy

More information

ISACA North Dallas Chapter

ISACA North Dallas Chapter ISACA rth Dallas Chapter Business Continuity Planning Observations of Critical Infrastructure Environments Ron Blume, P.E. Ron.blume@dyonyx.com 214-280-8925 Focus of Discussion Business Impact Analysis

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

Cybersecurity Enhancement Account. FY 2017 President s Budget

Cybersecurity Enhancement Account. FY 2017 President s Budget Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities

More information

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What

More information

PROJECT BOEING SGS. Interim Technology Performance Report 1. Company Name: The Boeing Company. Contract ID: DE-OE0000191

PROJECT BOEING SGS. Interim Technology Performance Report 1. Company Name: The Boeing Company. Contract ID: DE-OE0000191 Interim Techlogy Performance Report 1 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V2 Company Name: The Boeing Company December 10, 2012 1 Interim Techlogy Performance Report 1

More information

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5) Whitepaper North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5) NERC-CIP Overview The North American Electric Reliability Corporation (NERC) is a

More information

Click to edit Master title style

Click to edit Master title style EVOLUTION OF CYBERSECURITY Click to edit Master title style IDENTIFYING BEST PRACTICES PHILIP DIEKHOFF, IT RISK SERVICES TECHNOLOGY THE DARK SIDE AGENDA Defining cybersecurity Assessing your cybersecurity

More information

GE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems

GE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems GE Measurement & Control Top 10 Cyber Vulnerabilities for Control Systems GE Proprietary Information: This document contains proprietary information of the General Electric Company and may not be used

More information

Strategic Plan On-Demand Services April 2, 2015

Strategic Plan On-Demand Services April 2, 2015 Strategic Plan On-Demand Services April 2, 2015 1 GDCS eliminates the fears and delays that accompany trying to run an organization in an unsecured environment, and ensures that our customers focus on

More information

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC. Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies

More information

RESEARCH CALL TO DOE/FEDERAL LABORATORIES. Cybersecurity for Energy Delivery Systems Research Call RC-CEDS-2012-02

RESEARCH CALL TO DOE/FEDERAL LABORATORIES. Cybersecurity for Energy Delivery Systems Research Call RC-CEDS-2012-02 RESEARCH CALL TO DOE/FEDERAL LABORATORIES Cybersecurity for Energy Delivery Systems Research Call RC-CEDS-2012-02 CONTACT: Diane Hooie, Project Manager TELEPHONE NUMBER: (304) 285-4524 FAX NUMBER: (304)

More information

Committees Date: Subject: Public Report of: For Information Summary

Committees Date: Subject: Public Report of: For Information Summary Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security

More information

Unified Security Management

Unified Security Management Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy

More information

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards SCADA Compliance Tools For NERC-CIP The Right Tools for Bringing Your Organization in Line with the Latest Standards OVERVIEW Electrical utilities are responsible for defining critical cyber assets which

More information

NERC CIP Standards and NIST Smart Grid Update

NERC CIP Standards and NIST Smart Grid Update NERC CIP Standards and NIST Smart Grid Update Keith Stouffer Program Manager National Institute of Standards and Technology Keith.stouffer@nist.gov Topics NERC Critical Infrastructure Protection (CIP)

More information

Roadmaps to Securing Industrial Control Systems

Roadmaps to Securing Industrial Control Systems Roadmaps to Securing Industrial Control Systems Insert Photo Here Mark Heard Eastman Chemical Company Rockwell Automation Process Solutions User Group (PSUG) November 14-15, 2011 Chicago, IL McCormick

More information

Best Practices in ICS Security for System Operators. A Wurldtech White Paper

Best Practices in ICS Security for System Operators. A Wurldtech White Paper Best Practices in ICS Security for System Operators A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security

More information

LogRhythm and NERC CIP Compliance

LogRhythm and NERC CIP Compliance LogRhythm and NERC CIP Compliance The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is reliable, adequate

More information

U.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW. November 12, 2012 NASEO

U.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW. November 12, 2012 NASEO U.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW November 12, 2012 NASEO ISER Response: from site focused to system focused Emergency Preparedness, Response, and Restoration Analysis and

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

Response to NIST: Developing a Framework to Improve Critical Infrastructure Cybersecurity

Response to NIST: Developing a Framework to Improve Critical Infrastructure Cybersecurity National Grid Overview National Grid is an international electric and natural gas company and one of the largest investor-owned energy companies in the world. We play a vital role in delivering gas and

More information

Steve Lusk Alex Amirnovin Tim Collins

Steve Lusk Alex Amirnovin Tim Collins Steve Lusk Alex Amirnovin Tim Collins ViaSat Inc. Cyber-intrusion Auto-response and Policy Management System (CAPMS) Cybersecurity for Energy Delivery Systems Peer Review August 5-6, 2014 Summary: Cyber-intrusion

More information

NIST Cybersecurity Framework Overview

NIST Cybersecurity Framework Overview NIST Cybersecurity Framework Overview Executive Order 13636 Improving Critical Infrastructure Cybersecurity 2nd ENISA International Conference on Cyber Crisis Cooperation and Exercises Executive Order

More information

What Risk Managers need to know about ICS Cyber Security

What Risk Managers need to know about ICS Cyber Security What Risk Managers need to know about ICS Cyber Security EIM Risk Managers Conference February 18, 2014 Joe Weiss PE, CISM, CRISC, ISA Fellow (408) 253-7934 joe.weiss@realtimeacs.com ICSs What are they

More information

Obtaining Enterprise Cybersituational

Obtaining Enterprise Cybersituational SESSION ID: SPO-R06A Obtaining Enterprise Cybersituational Awareness Eric J. Eifert Sr. Vice President Managed Security Services DarkMatter Agenda My Background Key components of the Cyber Situational

More information

SCADA Security Measures

SCADA Security Measures Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA SCADA Security Measures

More information

Securing the Electric Grid with Common Cyber Security Services Jeff Gooding

Securing the Electric Grid with Common Cyber Security Services Jeff Gooding Securing the Electric Grid with Common Cyber Security Services Jeff Gooding TCIPG Seminar April 4, 2014 Southern California Edison (SCE) is committed to safely providing reliable and affordable electricity

More information

Defending Against Data Beaches: Internal Controls for Cybersecurity

Defending Against Data Beaches: Internal Controls for Cybersecurity Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

The Importance of Cybersecurity Monitoring for Utilities

The Importance of Cybersecurity Monitoring for Utilities The Importance of Cybersecurity Monitoring for Utilities www.n-dimension.com Cybersecurity threats against energy companies, including utilities, have been increasing at an alarming rate. A comprehensive

More information

Domain 1 The Process of Auditing Information Systems

Domain 1 The Process of Auditing Information Systems Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge

More information