Cyber Security Compliance (NERC CIP V5)




Ray Wright, NovaTech, LLC

Abstract: In December 2013, the Federal Energy Regulatory Commission (FERC) issued Order No. 791, which approved the Version 5 CIP Reliability Standards. These contain revised versions of the currently effective NERC CIP Reliability Standards, CIP-002-5 through CIP-009-5, as well as two new CIP Reliability Standards, CIP-010-1 and CIP-011-1. Utilities will transition directly from the Version 3 Standards to the Version 5 Standards. Affected energy providers must be compliant for High and Medium Impact BES Cyber Systems by April 1, 2016, and Low Impact BES Cyber Systems by April 1, 2017. This presentation will summarize the new Version 5 requirements, review how utilities are planning to meet requirements, and highlight areas of greatest concern.

Topics
- Review of Version 5 Changes
- Review Major Challenges in Transitioning to Version 5
- Review the Need for Automation in Meeting Version 5
- The Intermediate System
- Configuration Management
- Review of Automation Solutions

Current NERC CIP Documents
- CIP-002-3 Cyber Security - Critical Cyber Asset Identification
- CIP-003-3 Cyber Security - Security Management Controls
- CIP-004-3 Cyber Security - Personnel and Training
- CIP-005-3 Cyber Security - Electronic Security Perimeter(s)
- CIP-006-3 Cyber Security - Physical Security
- CIP-007-3 Cyber Security - Systems Security Management
- CIP-008-3 Cyber Security - Incident Reporting and Response Planning
- CIP-009-3 Cyber Security - Recovery Plans for Critical Cyber Assets

NERC CIP Documents Version 5
- CIP-002-5 Cyber Security - BES Cyber System Categorization
- CIP-003-5 Cyber Security - Security Management Controls
- CIP-004-5 Cyber Security - Personnel and Training
- CIP-005-5 Cyber Security - Electronic Security Perimeter(s)
- CIP-006-5 Cyber Security - Physical Security of BES Cyber Systems
- CIP-007-5 Cyber Security - Systems Security Management
- CIP-008-5 Cyber Security - Incident Reporting and Response Planning
- CIP-009-5 Cyber Security - Recovery Plans for BES Cyber Systems
- (new) CIP-010-1 Cyber Security - Configuration Change Mgmt. and Vulnerability Assessments
- (new) CIP-011-1 Cyber Security - Information Protection
- (new) CIP-014-1 Cyber Security - Physical Security

Version 5 Introduces New Definitions
- Cyber Asset: Programmable electronic devices, including the hardware, software, and data in those devices.
- BES Cyber Asset: A Cyber Asset that if rendered unavailable, degraded, or misused would affect the reliable operation of the Bulk Electric System.
- BES Cyber System: One or more BES Cyber Assets logically grouped to perform one or more reliability tasks.
- Bulk Electric System: generally 100kV or higher.

Improved Definition of Criticality
[Diagram: V3/V4 compared with V5; labels: High, Critical, Medium, Non-Critical, Other, Low, Non-Critical]
Any BES Cyber Asset not High or Medium is by default Low.

Version 5 Expands Definition of Applicable Systems
- Electronic Access Control or Monitoring Systems (EACMS): Applies to each Electronic Access Control or Monitoring System associated with a referenced high impact BES Cyber System or medium impact BES Cyber System. Examples may include, but are not limited to, firewalls, authentication servers, and log monitoring and alerting systems.
- Physical Access Control Systems (PACS): Applies to each Physical Access Control System associated with a referenced high impact BES Cyber System or medium impact BES Cyber System with External Routable Connectivity.
- Protected Cyber Assets (PCA): Applies to each Protected Cyber Asset associated with a referenced high impact BES Cyber System or medium impact BES Cyber System.

Other Significant Changes V3/4 to V5
- Must now use an intermediate device between User and Critical Asset
- The exemption of Cyber Assets from applicability to the NERC CIP standards based on communication characteristics no longer applies.
- Must remove/disable both unused software ports and unused hardware points
- Improved definition for patching
  - Defines the source of the patches (also hot fixes and updates)
  - Provides better definition of release date and availability date
  - If installing the patch introduces more risk than the vulnerability represents, an alternate process is defined
- Does not mandate anti-virus software
- Requires security monitoring points
- and more.

Top 10 Transition Challenges

The Need for Automation in Meeting NERC CIP 5
The intermediate system is automation

System without Intermediate System
No longer permitted
[Diagram labels: System User, Broadband Connection, Critical Cyber Assets, Electronic Security Perimeter]

Intermediate System
Intermediate System that restricts access to only authorized users
[Diagram labels: System User, Networked Servers, Remote Connection and Password Managers, Broadband Connection, Critical Cyber Assets, Electronic Security Perimeter]

Remote Connection and Password Management System
- All users who interact with substation assets log in to the system
- System manages all user passwords and permissions
- System manages the details of all connections to substation assets
- System manages passwords in the substation assets
[Diagram labels: System User, Encrypted, Networked Servers, Broadband Connection, Critical Cyber Assets, Electronic Security Perimeter]
August 30, 2014 Presentation title

Online demonstration: Remote Connection and Password Management System

The Need for Automation in Meeting NERC CIP 5: Configuration Management

The Need for Automation in Meeting NERC CIP 5: Configuration Management (cont.)
Automation can make this much easier
Etc.

System Operation Example: Configuration Retrieval
Configuration data from substation assets collected by substation security appliance and forwarded to servers for comparison
[Diagram labels: Substation Security Appliance, Substation Security Appliance]

Configuration Retrieval Steps

Conclusions
- For many utilities, NERC CIP V5 will be difficult to meet without some automation
- Automation solutions are being developed to meet your needs