Cyber Security Risk Elements. Ben Christensen Senior Compliance Risk Analyst, Cyber Security


Agenda
- What are Risk Elements?
- Risk Element Identification
- How will WECC use Risk Elements?
- What does this mean for you?

Overview of Risk Based Framework

Why Are Risks Important?

Risk Elements Identification

Risk Elements Identification
- NERC Guide describes process for identification and prioritization of enterprise-wide risks
- Replaces prior actively monitored lists
- Considers region specific risks

Risk Elements Identification: What has WECC done so far?
- During August and September, Compliance Risk Analysis and the auditors collaborated to identify WECC-wide risk elements
- Some inputs to the process:
  - NERC Identified Risk Elements
  - WECC Reliability Challenges
  - Audit and Violation History
  - Professional experience and judgment from Audit, Enforcement and Risk Analysis teams

Risk Elements Identification: O&P Risks
1. Human Performance
2. Equipment Failure
3. Variable Generation Integration
4. Protection System Reliability
5. Situational Awareness
6. Changing Load Composition
7. Vegetation and Right of Way issues
8. Transmission Planning Adequacy
9. High-Impact Low-Frequency Events
10. Adequacy of Reserves

Risk Elements Identification: Cyber Security Risks
1. Event and incident response, continuity of operations
2. Threat and vulnerability management
3. Risk management
4. Asset and configuration management
5. Identity and access management
6. Situational awareness

Risk Elements Identification: Associated Standards
- Audit and Risk Analysis team identified NERC Standards and Requirements that mitigate risk elements
- Mitigation is a relative thing!
- Each requirement mitigates some risk

Risk Elements Identification: Associated Standards
Event & Incident Response, Continuity of Operations
- CIP-007 R6
- CIP-008 R1
- CIP-009 R2

Risk Elements Identification: Event and incident response, continuity of operations
Establishing & maintaining cyber security plans, procedures, and technologies to:
- Detect events
- Analyze events
- Respond to events
- Sustain operations
Examples:
- Cyber security events
- Types and numbers of devices

Risk Elements Identification: Associated Standards
Threat & Vulnerability Management
- CIP-005-3 R4
- CIP-007-3 R8
- CIP-008-3 R1

Risk Elements Identification: Threat and vulnerability management
- Identifying & responding to threats
- Cyber security vulnerabilities
Examples:
- Cyber security events
- Types and number of systems and devices

Risk Elements Identification: Associated Standards
Risk Management
- CIP-002 R1
- CIP-008 R1

Risk Elements Identification: Risk management
Establishing, operating, and maintaining an enterprise cyber security risk management program to:
- Identify
- Analyze
- Mitigate
Examples:
- Cyber security events
- Numbers of Critical Assets, Critical Cyber Assets and Non-Critical Assets

Risk Elements Identification: Associated Standards
Asset & Configuration Management
- CIP-002-3 R2
- CIP-002-3 R3
- CIP-003-3 R6
- CIP-005-3 R1
- CIP-007-3 R1
- CIP-007-3 R2
- CIP-007-3 R3
- CIP-007-3 R4

Risk Elements Identification: Asset and configuration management
- Manage asset inventory
- Manage asset configuration
- Manage changes to assets
Examples:
- Numbers and types of devices
- Numbers of Critical Assets, Critical Cyber Assets, and Non-Critical Assets

Risk Elements Identification: Associated Standards
Identity & Access Management
- CIP-004-3 R4
- CIP-005-3 R2
- CIP-006-3 R1
- CIP-006-3 R4
- CIP-007-3 R5

Risk Elements Identification: Identity and access management
- Establish & maintain identities
- Control access to assets
  - Logical & physical
Examples:
- Types and numbers of:
  - Accounts
  - Users
  - Remote access

Risk Elements Identification: Associated Standards
Situational Awareness
- CIP-005 R3
- CIP-006 R5
- CIP-007 R6

Risk Elements Identification: Situational awareness
Collect, analyze, alarm, present, and use power system and cyber security information
- Logging
- Monitoring
- Establishing the condition of assets
- Near real-time knowledge of your environment
Examples:
- Numbers and types of devices
- Cyber security events

How will WECC use Risk Elements?
- Used to determine implementation plan and actively monitored standards
- Provides input into the IRA process
- Allows internal controls to be focused

What do Risk Elements mean for you?
Plan
- Know which risks apply to you
Do
- Categorize the applicable risks
- Prioritize the applicable risks
Check
- Evaluate internal controls associated with applicable risks
Act
- Add new internal controls
- Improve existing internal controls

References
- NERC Risk Elements guide
- WECC 2015 CMEP IP
- CUG RAI Presentation
- ES-C2M2
- WECC Reliability Challenges White Paper
- NERC RISC Reports
- Working Group Reports
  - HPWG
  - PSWG

Speaker Contact Info
Ben Christensen
Senior Compliance Risk Analyst, Cyber Security
801-819-7666
bchristensen@wecc.biz