Critical Infrastructure Protection Committee Meeting
- Kathryn Marshall
1 Critical Infrastructure Protection Committee Meeting September 15-16, 2015 New Orleans, LA *All presentations are posted with the written consent of the presenters.
2 Agenda Item 2 Critical Infrastructure Protection Committee JW Marriott New Orleans September 15-16, 2015
3 Safety and Security JW Marriott New Orleans Staff will inform the CIPC concerning Fire and Evacuation Procedures for your safety 2
4 CIPC Voting Members and Attendees Wireless Access Network: JWMarriott_CONF Password: NERC Please sign and pass the Attendance Sheets 3
5 Securing our Assets Over 55,000 Substations over 100 kV 4
6 Antitrust Guidelines 5
7 Membership Expectations Our CIPC Charter Section 3 states the following "Voting members of the CIPC are expected to: Bring subject matter expertise to the CIPC; Be knowledgeable about physical and cyber security practices and challenges in the electricity sector; Attend and participate in all CIPC meetings; Express their own opinions at committee meetings but also represent the interests of their Regions; Discuss and debate interests rather than positions; Complete assigned Committee, Task Force, and Working Group assignments; Maintain, at a minimum, a Secret Clearance, or to the extent not already obtained, apply for a Secret Clearance. 6
8 Conduct of the Meeting Parliamentary Procedures: In the absence of specific provisions in NERC's Rules of Procedure, all committee meetings shall be conducted in accordance with the most recent edition of Robert's Rules of Order, Newly Revised in all cases to which they are applicable. 7
9 Critical Infrastructure Protection Committee Executive Committee David Revill, NRECA Chuck Abell, Chair, Ameren Melanie Seader, EEI David Grubbs, ERCOT Nathan Mitchell, Vice Chair, APPA Jack Cashin, EPSA Ross Johnson, CEA Jim Brenton, Vice Chair, ERCOT Marc Child, Great River Laura Brown, Secretary Physical Security Subcommittee (David Grubbs) Cybersecurity Subcommittee (Marc Child) Operating Security Subcommittee (Jim Brenton) Policy Subcommittee (Nathan Mitchell) Physical Security WG (Ross Johnson) Control Systems Security WG (Mikhail Falkovich) Grid Exercise WG (Tim Conway) BES Security Metrics WG (Roland Miller) Physical Security Guidelines WG (John Breckenridge) Security Training WG (William Whitney) Business Continuity Guideline TF (Darren Myers) Physical Security Standard WG (Allan Wick) Compliance and Enforcement Input WG (Paul Crist) September
10 CIPC Primary Voting Members 9
Org | Name | Company | Discipline
TRE | David Grubbs Executive Committee | City of Garland | Operations
TRE | Jim Brenton, Vice Chair | ERCOT | Cyber
TRE | Darrell Klimitchek | STEC | Physical
FRCC | Paul McClay | TECO | Cyber
FRCC | Carter Manucy | Fla Municipal | Physical
FRCC | Joe Garmon | Seminole | Operations
MRO | Marc Child Executive Committee | Great River | Cyber
MRO | Paul Crist | LES | Physical
MRO | Joe Mayfield | WAPA | Operations
NPCC | John Galloway | ISO-NE | Operations
NPCC | Greg Goodrich | NYISO | Cyber
NPCC | David Cadregari | Iberdrola USA Networks | Physical
RFC | Larry Bugh | RFC | Cyber
RFC | Kent Kujala | Detroit | Operations
RFC | Jeff Fuller | DPL | Physical
SERC | Chuck Abell, Chair | Ameren | Operations
SERC | Cynthia Hill-Watson | TVA | Cyber
SERC | Bruce Martin | Duke Energy | Physical
SPP | John Breckenridge | KCPL | Physical
SPP | Allen Klassen | Westar | Operations
SPP | Eric Ervin | Westar | Cyber
WECC | Allan Wick | Tri-State | Physical
WECC | Mike Mertz | PNM | Cyber
WECC | Vacant | Vacant | Operations
APPA | Scott Smith | Bryan TX Utilities | Physical
APPA | Nathan Mitchell, Vice Chair | APPA | Policy
CEA | Francis Bradley | CEA | Physical
CEA | Ross Johnson Executive Committee | Capital Power | Physical
CEA | David Dunn | IESO | Policy
NRECA | Robert Richhart | Hoosier | Policy
NRECA | David Revill Executive Committee | Georgia Trans | Policy
11 Proxies Received and Quorum Thanks to all proxies attending today and serving as a proxy for your primary voting member! Proxies received for this meeting: SPP Doug Alexander representing John Breckenridge WECC Lisa Carrington representing vacancy left by Jamey Sample CEA Ron Gentle representing Francis Bradley Announcement of CIPC Quorum of Voting Members: Based on the voting members in attendance, including the proxies received, we have achieved quorum for conducting CIPC business. 10
12 CIPC Roster Changes New Voting Members NPCC David Cadregari Iberdrola USA Networks o Nomination was approved by NERC Board of Trustees CEA Francis Bradley CEA o Nomination was approved by NERC Board of Trustees Vacancies of Voting Members: WECC vacancy is due to Jamey Sample's departure from PG&E Thank you for your service to CIPC! 11
13 Schedule of Future Meetings Dates Time Type Location Hotel October 13-16, :00 a.m. 5:00 p.m. GridSecCon 2015 Philadelphia, PA Hyatt Regency Philadelphia at Penn's Landing 201 South Columbus Boulevard Philadelphia, PA (215) November 18-19, :00 a.m. 5:00 p.m. GridEx III Remote Play NA December 15, 2015 December 15, 2015 December 16, :00 a.m. Noon Noon 5:00 p.m. 8:00 a.m. - Noon DHS/DOE Energy Sector Classified Briefing (No CIPC Workshop) CIPC Meeting TBD Atlanta, GA FBI Training Room, 3rd floor FBI Atlanta 2635 Century Parkway, N.E. Atlanta, GA Westin Buckhead Hotel 3391 Peachtree Rd N.E. Atlanta, GA (404) March 8, :00 a.m. Noon CIPC Workshop Louisville, KY TBD March 8, 2016 March 9, 2016 Noon 5:00 p.m. 8:00 a.m. - Noon CIPC Meeting Louisville, KY TBD June 7, :00 a.m. Noon CIPC Workshop Atlanta, GA June 7, 2016 June 8, 2016 Noon 5:00 p.m. 8:00 a.m. - Noon CIPC Meeting Atlanta, GA Westin Buckhead Hotel 3391 Peachtree Rd N.E. Atlanta, GA (404) Westin Buckhead Hotel 3391 Peachtree Rd N.E. Atlanta, GA (404)
14 Chair Chuck Abell's Remarks
16 Nominating Subcommittee Report Mike Mertz, Chair NERC Critical Infrastructure Protection Committee
17 Subcommittee Assignment As per the CIPC Charter (Section 8-2), the Nominating Subcommittee Chair was appointed at the June 2015 CIPC to form a subcommittee of five members to prepare a slate of candidates for election as follows: September 2015 CIPC Meeting: Chair Vice Chairs (2) December 2015 CIPC Meeting: Physical Security SME Cyber Security SME Operations SME Policy SME 2
18 Subcommittee Members The Nominating Subcommittee Members are: Mike Mertz, Chair o PNM Resources / WECC / Cyber Paul Crist o Lincoln Electric System / MRO / Physical Larry Bugh o ReliabilityFirst / RFC / Cyber Joe Mayfield o Western Area Power Administration / MRO / Operations John Breckenridge o Kansas City Power & Light / SPP / Physical 3
19 Subcommittee Meetings The Nominating Subcommittee held multiple conference calls to develop a list of candidates The nominating subcommittee members contacted all candidates to validate interest and availability to fulfill the role Nominating subcommittee finalized the ballot via 4
20 Election Process The Nominating Subcommittee presents its slate of candidates. The Secretary will open the floor for additional nominations. Upon the close of nominations, elections will be held as follows: The first ballot will be composed of the Nominating Subcommittee's slate of candidates. If the slate is approved with a 2/3 majority, the slate is elected and the election is closed. If the slate fails, subsequent paper ballots will be distributed with the names of all candidates listed in the order in which they were nominated. Each ballot will be tallied and any candidate receiving a 2/3 majority shall be deemed elected. 5
21 CIPC Nominee Slate For the Vice Chair positions, the Subcommittee nominates: David Revill o Georgia Transmission / NRECA Nathan Mitchell o American Public Power Association / APPA For the Chair position, the Subcommittee nominates: Marc Child o Great River Energy / MRO 6
23 Agenda Item 7 CIP NOPR Supply Chain Management Shamai Elstein, NERC Senior Counsel
24 FERC CIP V5 Revisions NOPR Supply Chain Management Issued July 16, 2015 Proposed directive on Supply Chain Management Develop a new or modified Reliability Standard to provide security controls for supply chain management for industrial control system hardware and software, and computing and networking services associated with [BES] operations. Cited recent malware campaigns targeting supply chain vendors. Stated NERC CIP Standards do not address supply chain risks (as opposed to NIST and DOE Guidelines). Looking for forward-looking, objective-driven standard addressing activities throughout the system development life cycle. 2
25 FERC CIP V5 Revisions NOPR Supply Chain Management continued Standard to accommodate variety in entities' procurement processes, vendor relations, system requirements, IT implementation, privileged and commercial information. Stated that supply chain management standard would: o Address only the obligations of entities registered under FERC reliability rules (i.e., would not apply to vendors/suppliers). o Be forward-looking - no abrogation or renegotiation of contracts. o Set goals about what to do while allowing flexibility for how an entity achieves those goals. o Allow for exceptions given the diversity of acquisition processes. o Be specific enough so that compliance obligations are clear and enforceable. 3
26 FERC CIP V5 Revisions NOPR Supply Chain Management continued Next Steps NOPR Comments due September 21, FERC committed in NOPR to engage in outreach efforts after receipt and consideration of comments. FERC to issue Final Rule after considering comments no set timeline. If FERC Final Rule includes supply chain management directive, NERC to work with stakeholder to develop a standard within timeframe established in Final Rule, if any. 4
28 Agenda Item 8 Physical Security Reliability Standard Implementation Tobias Whitney, Manager of CIP Compliance (NERC) Carl Herron, Physical Security Leader (NERC) NERC Sub-Committee Meeting New Orleans, Louisiana
29 CIP-014 Implementation Program Implementation Readiness Clarify Compliance Expectations Increased Industry Awareness Understanding scoping and 3rd party reliance Consistent Enforcement Support all entities in the timely, effective, and efficient implementation of CIP-014 2
30 Key Dates CIP Implementation Timeline Activity Implementation Not Later Than Days after 10/1/15 R1 Assessment Effective Date 10/1/ days R2 Verification Effective /30/ days R2.3 Address Discrepancies R /28/ days R3 Notify Control Center R2 +7 1/6/ days R4 Threat & Vulnerability Evaluation R /27/ days R5 Security Plan R /27/ days 3
31 Risk Assessment Guidance Industry must assess the loss of certain substations (R1) To start, entities must identify in-scope substations. Assess: o Transmission Facilities at 500 kV or higher o Substations exceeding the aggregate weighted value of 3000 o Substations identified by RCs, PCs or TP that are critical to IROL derivations o Essential to meeting Nuclear Plant Interface Requirements From there, various processes can be used to determine the list: o Entities may reference the NATF R1 approach o Entities may reference the method in the Guidelines and Technical Basis o Entities may use the process described in TPL R4 and R6 To be compliant, the industry must demonstrate: A transparent process that can be validated by their CEA The resulting list is commensurate with their process and BES risks 4
32 NATF Guidance February guidance memo references the North American Transmission Forum Guidance as a means to perform R1: 1. Identify stations to analyzed based on TO identifies cases/system conditions to be analyzed o summer peak vs. winter peak load levels o shoulder peak load levels with system transfers o alternative generation dispatch assumptions o alternative load models (i.e., different penetration of inductive load) 3. Define the nature of initiating event and how it will be modeled in assessment. o Event over several minutes o Instantaneous event (such as an explosion) 4. TO is responsible for documenting the criteria for instability, uncontrolled separation or Cascading, based on engineering knowledge or judgment. 5. TO performs steady-state power flow or stability analysis. 5
33 R2 3rd Party Verification Requirement R2 mandates that an unaffiliated third-party verify the result of the risk assessment performed under Requirement R1. The third-party for Requirement R2 must be either: A registered Planning Coordinator, Transmission Planner, or Reliability Coordinator; or An entity that has transmission planning or analysis experience. Pages of the Guidelines and Technical Basis section (Section 4) of the standard provides additional guidance on selecting a third-party verifier, stating that entities should consider the following characteristics: 6
34 R2 3rd Party Verifier Characteristics Registered entity with applicable planning and reliability functions. Experience in power system studies and planning. The third-party's understanding of the MOD standards, TPL standards, and facility ratings as they pertain to planning studies. The third-party's familiarity with the Interconnection within which the Transmission Owner is located. 7
35 Compliance Expectations TOs must demonstrate the appropriate rigor and analysis when performing R1 and R2. Consider how the following questions can be answered: Why certain stations or substations are identified to meet the criteria in Requirement R1 Similarly, why certain stations or substations were not identified by Requirement R1 What are defining characteristics of stations and substations identified by Requirement R1 How the third party verifying the risk assessment meets the qualifications in Requirement R2 and the means the third party used to ensure effective verification 8
36 R4 Threat and Vulnerabilities Assessment Each TO that identified a Transmission station(s), Transmission substation(s), or a primary control center(s) in R1 and verified according to R2, and each Transmission Operator notified by a TO according to R3. Shall conduct an evaluation of the potential threats and vulnerabilities of a physical attack to each of their respective Transmission station(s), Transmission substation(s), and primary control center(s) identified in R1 and verified according to R2. Unique characteristics History of security events Intelligence or Threat Warnings 9
37 NATF R4 Guidance Memo June 2015 R4 practices containing an approach, common practices and understanding evaluations of the potential vulnerabilities and threats of a physical attack of facilities. Site Specific vulnerability considerations No protection of facility (fencing, locks, or monitoring) Gaps in or lack of security mitigation(physical and human) Gaps in or lack of physical security policies and procedures, failure to enforce controls for vehicle and security equipment testing. Access control how is it granted, what is the process. 10
38 NATF - R4 Guidance memo June 2015 Physical Security evaluation checklist. (The physical security evaluation checklist is a format that can be used to provide self assessment of security program). Facility Information: address, contact numbers Executive Management, Security Management, Maintenance and First Responders Perimeter: Fence(type, height, anchored and enhancements)crash gate, lighting, surrounding area and landscape Security Systems(CCTV, Intrusion detection, fire alarms and locks & doors) Information Technology Systems and Sensitive Information storage Security and Response Plans 11
39 NATF - R4 Guidance memo June 2015 CIP-014 Questionnaire Threat Assessment List all of facility history of sabotage, vandalism, physical attack and Law Enforcement response List all historical criminal incidents to similar sites within the U. S. Threat Assessment, Intelligence Bulletins or Threat Warnings prepared by State Fusion Centers, Local Law Enforcement, DHS or FBI 12
40 NATF - R4 Guidance memo June 2015 Resiliency Measures measures already existing to prevent a physical attack Existing physical security measures to deter such as: Perimeter signage, fencing, gates, lighting, locks and security officers/roving patrols Existing physical security measures to detect such as: CCTV, Intrusion Detection and alarms Existing physical security measures to delay such as: Vehicle barriers, crash gates, fencing and security officers Existing physical security measures to assess such as: Video surveillance, video analytics and security command centers 13
41 NATF - R4 Guidance memo June 2015 Resiliency Measures continued Existing physical security measures to communicate such as: Security Operations Center(SOC) initiates response, protection of communication transmission to the SOC, alarm systems and Intercom system. Existing physical security measures to respond such as: Documented procedures, responses to alarms, State or local Law Enforcement and armed security officers deployment. 14
42 R5 Security Plan Each TO that identified a Transmission station(s), Transmission substation(s), or a primary control center(s) in R1 and verified according to R2, and each Transmission Operator notified by a TO according to R3. Shall develop and implement a documented physical security plan(s) that cover their Transmission station(s), Transmission substation(s), and primary control center(s). The physical security plan(s) shall be developed within 120 calendar days following the completion of R2 and executed according to the timeline specified in the physical security plans. The security plan should address the mitigation and response to the threats and vulnerabilities identified. A measurable timeline of executing the physical security enhancements and modifications should be included in the security plan. The timeline should include a project plan on how security enhancements and modifications will be implemented. 15
43 NATF - R5 Guidance memo June 2015 R5 provides an approach for development and implementation of Physical Security Plans. Areas for consideration: Deterrence Measures Visible physical security measures installed to persuade individuals to seek other, less secure targets. Detection Measures Physical security measures installed to detect unauthorized intrusion and provide local and/or remote intruder notification. Delay Measures Physical security measures installed to delay an intruder's access to a physical asset and provide time for incident assessment and response. 16
44 NATF - R5 Guidance memo June 2015 Assessment Measures The process of evaluating the legitimacy of an alarm and determining the procedural steps required to respond. Communicate Systems used to send and receive alarm/video signals, audio, and data. Respond The immediate measures taken to assess, deploy, interrupt, to an incident. Physical Security Plan Template. 17
45 R6 R6 - Each Transmission Owner and Transmission Operator shall select an unaffiliated third party reviewer from the following: An entity or organization with electric industry physical security experience and whose review staff has at least one member who holds either a Certified Protection Professional(CPP) or Physical Security Professional(PSP) certification. An entity or organization approved by the ERO. A government agency with physical security expertise. An entity or organization with demonstrated law enforcement, government, or military physical security expertise. 18
46 Critical Infrastructure Protection Committee (CIPC) R6 CIPC has developed guidance to support industry's implementation of Requirement R6. Provides examples of experience/documentation for third party reviewer with electric industry o Proof of past or current employment as an employee(s) or contractor(s) in the electric industry; o Proof of past or current employment as an employee(s) or contractor(s) as an ERO regional entity auditor; or o Documented experience in threat vulnerability assessments or development of security plans in the electric industry. 19
47 CIPC R6 Guidance Provides examples of government agencies that might be selected Provides skill sets/activities for demonstrated law enforcement, government, or military physical security expertise. 20
48 CIPC R6 Guidance Provides skill sets/activities for demonstrated law enforcement, government, or military physical security expertise. Conducting and/or evaluating threat and vulnerability analysis of physical attack Designing and/or evaluating physical security plans Third party review of threat and vulnerability analyses or physical security plans Designing, implementing, or evaluating asset protection plans, specifically those related to facilities with special emphasis on industrial complexes 21
49 R6 Guidance ERO approval process guidance (September 2015) This process will be applied when registered entity has a third party that does not meet one of the other three criteria. Candidate 3rd parties shall work through their Registered Entity to obtain certification. The ERO will review the qualifications against industry-vetted criteria, which is included in the Appendix A. Appendix A - request third party reviewer must have at least one criterion from the physical security experience plus one from electric sector experience. 22
50 ERO approval process guidance (September 2015) Appendix A Physical Security experience(at least one): Certified Critical Infrastructure Protection Specialist (CCIPS) and ten (10) years. Certified Homeland Protection Professional (CHPP) and ten (10) years Professional in Critical Infrastructure Protection (PCIP) and ten (10) years Certified Security Consultant (CSC) and ten (10) years experience as a physical security professional. Ten (10) years employment in a physical security department with responsibilities in facility protection. Physical security subject matter expert. Ten (10) years of experience in physical security program development, risk assessments, and threat assessment. Twenty (20) engagements as a security consultant for facility physical security assessments or security program design. 23
51 ERO approval process guidance (September 2015) Appendix A Electric Sector Experience(at least one): Ten (10) years employment with an electric utility transmission organization. Three (3) years employment as an ERO regional entity auditor Ten (10) assignments as a physical security consultant for a North American electric utility transmission organization Five (5) years military service with training in critical infrastructure interdiction. 24
52 ERO to Monitor Implementation Number of assets critical under the standard Per Region Q Q Defining characteristics of the assets identified as critical Per Region Q Q Scope of security plans By Q Information obtained Guided Self-Certs, Off-site Audits, Audits Consider compliance monitoring schedule 25
53 ERO to Monitor Implementation Timelines for implementing security and resiliency measures Regions: Periodic Guided Self-Certs, Off-site Audits, Audits to determine implementation schedule and progress NERC will aggregate results Industry's progress in implementing the standard Beginning in Q4, Quarterly NERC Board Updates Reliability Standard Audit Worksheet for CIP-014-2, will be sent to drafting team (September 2015). 26
55 Agenda Item 9 Cyber Security Standards Program Update Tobias Whitney, NERC - Manager of CIP Compliance Critical Infrastructure Protection Committee September 2015
56 Status of CIP V5 Transition V5 Transition Advisory Group Is active, meets often to complete final guidance documents Engages Standards Committee to finalize guidance and to ensure industry input has been incorporated Over 40 FAQs and lessons learned from all sources have been finalized via the Section 11 process Industry webinars scheduled when new guidance is posted July 1 Way Forward Meeting was held to address key issues. As a result, several actions have been taken: April Memoranda have been removed Guidance will continue to use the Section 11 process 2
57 Guidance: Effective Approaches Section 11 Guidance Development Process 3
58 Where to Access the New Postings 4
59 Key Posting IRC 2.3 and 2.6 Compliance Dates The Implementation Plan is silent on how to treat changes that occur prior to April 1, The ERO Enterprise, consistent with the timelines in the Scenario of Unplanned Changes After the Effective Date table of the Implementation Plan, will provide affected Responsible Entities 12 or 24 months from the Responsible Entity's performance of their CIP , Requirement R1 assessment that follows a notification from a Reliability Coordinator, Planning Coordinator, or Transmission Planner. 5
60 Key Posting Generation Interconnection (IRC 2.5) Reliability Standard CIP Requirement R1, Attachment 1, criterion 2.5 requires responsible entities to assess Transmission Facilities by determining the weighted value per line for each incoming and each outgoing BES Transmission Line that is connected to another Transmission station or substation. Consistent with the language of criterion 2.5 and the Guidelines and Technical Basis section of CIP , a radial generator lead line with no network flows (i.e., no power would flow through the line if the generator is off-line) and with the sole purpose of connecting generator output to a networked Transmission system would not qualify as a Transmission Line to be included in the criterion 2.5 calculation. 6
61 Communications and Networking 7
62 Background The following exemption exists in Version 3 and Version 5 of the CIP Standards Cyber Assets associated with communication networks and data communication links between discrete Electronic Security Perimeters (ESP). Version 5 of the CIP Standards doesn't always require an ESP for BES Cyber Systems Need to establish an approach for identifying Cyber Assets associated with communication networks and data communication links for non-routable communications 8
63 Guidance The guidance outlines the following considerations: Evaluate the reliability tasks performed locally at the asset without external communications Identify any network and communication devices that should be categorized as BES Cyber Assets (BCA) based on the reliability tasks Identify any network and communication devices that would meet the definition of a Protected Cyber Asset (PCA) Keep the focus on the reliability tasks performed locally at the asset 9
64 Examples One approach was to establish a demarcation point between BES Cyber Systems at the asset and devices used for external communication Demarcation point is not a requirement of the standards The approach using a demarcation point is shown in the examples for: ESP to ESP ESP to No ESP No ESP to No ESP Allows identification of equipment that is considered out of scope/exempted from CIP applicability. 10
65 Example: ESP to ESP 11
66 Example: ESP to No ESP 12
67 Example: No ESP to No ESP 13
68 External Routable Connectivity 14
69 ERC The CIP version 5 requirements do not specifically address access to serial devices from networks that use a routable protocol. Intermediate System or Similar BES Cyber Asset #1 Routable communications Serial communications BES Cyber Asset #2 Port Server The BES Cyber Assets connected using serial communications were not considered BES Cyber Assets with External Routable Connectivity. The port server was evaluated to determine if it had a 15 minute impact on the Bulk Electric System. 15
70 BES Cyber Assets 16
71 BES Cyber Assets Function Impact Timeframe Security Function Communication Function Connection Duration Capability 17
72 Posting Schedule
Guidance | Posting Date | Closing Date | Webinar
Communications and Networking | August 19, 2015 | September 18, 2015 | August 20, 2015
IRC 2.3 & 2.6 | August 19, 2015 | September 18, 2015 | August 20, 2015
Generation Interconnection | August 19, 2015 | September 18, 2015 | August 20, 2015
BCAs/PEDs | September 9, 2015 | October 9, 2015 | September 10, 2015
External Routable Connectivity | September 9, 2015 | October 9, 2015 | September 10, 2015
Vendor Management | September 23, 2015 | TBD | September 24, 2015
Patch Management | September 23, 2015 | TBD | September 24, 2015
TO Control Centers | September 23, 2015 | TBD | September 24,
73 Major Initiatives Related to CIP CIP NOPR highlighted the following topics for comment: Supply Chain Protecting communication links between control centers Adequacy of existing remote access controls in CIP Version 5 Protections for Transient Devices at Low Impact Clearer descriptions and definitions of LERC Interpretations Patch Management Shared BES Cyber Assets & common mode vulnerability Compliance Dates for Unplanned changes Standards Revisions V5 Transition Issues 19
74 Contact Information Manager of CIP Compliance, Tobias Whitney at Telephone: Transition Program web pages: Implementation-Study.aspx 20
76 Agenda Item 15a GridEx III CIPC Update New Orleans, LA September 15, 2015
77 GridEx III Objectives 1 GridEx III Exercise crisis response and recovery 2 3 Improve communication Identify lessons learned Local Objectives Each Organization may choose to create and work towards local objectives through the exercise 4 Engage senior leadership 2
78 GridEx III Map *As of 12:00 EDT on 09/01/2015 3
79 SimulationDeck Metrics: Number of registered participants: 1173 Number of registered organizations: 226 Utilities Participation Status Breakdown Active: 93 Observing: 47 Unmarked: 5 GridEx III Metrics Utilities Government/Academia/Other RCs NERC Regional Entity 4
80 Exercise Control Preparation GridEx III by Calendar Date November 2015 Tuesday Wednesday Thursday Eastern 4 hrs Move 1 Move Move 3 3 Pause Pause Move 2 Move Move 4 4 Pause Pause 5
81 Remember 1, 2, 3 6 Access: Exercise: Additional Information: SimulationDeck All Registered GridEx III Participants (Lead Planners, Planners, Players, Observers) SimulationDeck will host social and traditional media material as well as inject releases Treat SimulationDeck like your public-facing websites. No sensitive information should be posted here. This will be the only tool available for Observing organizations and Observers. Exercise Directory Access: All Exercise Participants Exercise: Exercise, Exercise, Exercise Access: Planning: ES-ISAC Portal Only participants who would normally have access as a part of their real job Complete refresh coming soon! The ES-ISAC Portal will be used to post alerts and Exercise: information as it would in the real world
82 Future Deliverables Player Handbook Pause guidance for C/Es Additional communications guidance OE-417, EOP-004, ES-ISAC Portal Quick-start guide Communications tests (up to November 10) Inject artifact upgrades 7
84 Agenda Item 16 Cyber Security Subcommittee Progress Report Marc Child, Chair
85 Control Systems Security Working Group Mikhail Falkovich, Chair
86 CSSWG Status Team Reviewed 119 industry submitted comments on the draft guideline. Minor edits were made to the document to fix errata and provide clarity. Language provided to GEWG for consideration in development of GRID Ex III. Final document has been provided to NERC and the CIPC EC for posting. 3
87 CSSWG Core Contributors Nadya Bartol Mikhail Falkovich Larry Bugh Cynthia Hill-Watson Marc Child Michael Johnson Frances Cleveland Carter Manucy Tim Conway Paul Skare Dustin Cornelius NERC Staff: Laura Brown 4
89 Security Training Working Group Progress Report William Whitney III, Chair David Godfrey, Vice Chair Bob Canada, NERC Rep.
90 Security Training Working Group Charter CIPC will provide meeting attendees with an opportunity to participate in physical, cyber, and operational security training, as well as educational outreach opportunities. Current Members Bob Canada, David Grubbs, John Breckenridge, David Godfrey, Ross Johnson, Rick Carter, James McQuiggan, Jason Phillips, David Scott, Ronald Keen, Tim Conway, Steen Fjalstad, Daniel Moore, Jason Phillips, Nick Rasey, and William Whitney III 7
91 Security Training Working Group Latest Activities Monthly conference calls to discuss long term goals and short term actions Coordinate and provide platform for presentations (webinars and in-person) 8
92 Security Training Working Group 2015 Training Schedule April SHODAN Conversations with Your Control System May Insider Protection June ES-ISAC Portal Training Aug Insider Threat Program Development Sept Cyber Track - CIPv5 Vulnerability Assessment Physical Track - Surveillance Detection and Countermeasures Oct 8th UAS Update Webinar Nov TBA Dec - Briefings Please let us know what training you and/or your fellow colleagues would like to see so we can secure the speakers for that topic. If you or someone you know would like to present on a topic let us know because we would enjoy the information sharing. Remember, what you may think is common knowledge others might not know! 9
93 Security Training Working Group Recorded Training, Slides, and Documents
- Go to nerc.com
- Hover over Program Areas & Departments
- Click Critical Infrastructure
- Click CIP Training on the left of the page
94 Security Training Working Group Training Links TEEX - DHS - DOD - FEMA - DOE - MS-ISAC - Have a link for free, quality training? Please share it with us to add to the list. 11
95 Security Training Working Group
Next Steps
- Continue to expand the list of free on demand training from reputable agencies and vendors
- Secure volunteers to join the group
- Schedule and prepare future Pre-CIPC training sessions and webinars
- Work with vendors and/or individuals in the industry to provide specific training to industry
- This means you and/or your co-workers that have information to share with the industry
CIPC Actions
- Concerns and/or suggestions for today's discussion
97 Agenda Item 17b Threat & Incident Reporting Guideline (TF) Update - September 2015 Doug Alexander, KCP&L (proxy) John Breckenridge, Chair
98 How we fit in! CIP Committee Structure CIPC Executive Committee Physical Security Subcommittee David Grubbs Cyber Security Subcommittee Mark Child Operating Security Subcommittee Carl Eng Policy Subcommittee Nathan Mitchell Protecting Sensitive Information TF Control System Security WG Information Sharing TF BES Security Metrics WG Physical Security Guideline TF Cyber Attack Tree TF HILF Implementation TF Personnel Security Clearance TF Physical Security Ev Analysis WG Joint w/ OC & PC Cyber Security Analysis WG Joint w/ OC & PC Grid Exercise WG Compliance & Enforcement WG Physical Security Training WG Cyber Security Training WG 2
99 Changes made reference to ES-ISAC Physical Security Response Guideline TF Activity Highlights Input from Orlando Stephenson (some quick fixes to update links) Team/Task Force starting to be formed Need to get a new Charter o Review and Revise Conference Calls/ s to team Plan to have finished product (TBD) RCIS Sam Chanoski participating w/ comments OE-417 Ensure no conflicts w/ other reporting requirements Any comments or willingness to participate Contact Randy Duncan/ or Randy.duncan@kcpl.com 3
101 Agenda Item 18a BES Security Metrics WG CIPC Progress Report Roland Miller, Chair September 15-16, 2015
102 Executive Committee David Revill, NRECA Chuck Abell, Chair, Ameren Melanie Seader, EEI David Grubbs, ERCOT Nathan Mitchell, Vice Chair, APPA Jack Cashin, EPSA Ross Johnson, CEA Jim Brenton, Vice Chair, ERCOT Marc Child, Great River Laura Brown, Secretary Physical Security Subcommittee (David Grubbs) Cyber Security Subcommittee (Marc Child) Operating Security Subcommittee (Jim Brenton) Policy Subcommittee (Nathan Mitchell) Physical Security WG (Ross Johnson) Control System Security WG (Mikhail Falkovich) ES Information Sharing TF (Stephen Diebold) BES Security Metrics WG (Roland Miller) Physical Security Guidelines WG (John Breckenridge) Cybersecurity Analysis WG (TBD) Grid Exercise WG (Tim Conway) Physical Security Standard WG (Alan Wick) Security Training WG (William Whitney) Business Continuity Guideline TF (Darren Meyers) Compliance and Enforcement Input WG (Paul Crist) June
103 June 2015 CIPC Update
BESSMWG Activities
- NERC State of Reliability Report including new Security Metrics chapter approved by NERC Board of Trustees on May 14, 2015
- Drafted strawman Security Metrics Development Roadmap to plan future BESSMWG activities
- June 9, 2015, BESSMWG met to review Roadmap and define future direction
Activities Since June 2015
- Conducted 2 conference calls to accept the Roadmap and to review/assess the relative value of over 150 metrics from the universe of security metrics
- Met F2F Sept 15, 2015, to further define the proposed next set of security metrics and potentially enhance the existing metrics
104 Security Metrics Development Roadmap 2015 and Beyond [Figure: roadmap, with a "We are here" marker]
105 Assessment of Additional Metrics
Reviewed and assessed over 150 metrics from the universe of security metrics and answered the following questions:
- Relevant to the BES?
- Data available at NERC?
- Data available at individual entities?
Classified each metric according to the following criteria:
- Suitable, for near-term development (during 2015)
- Suitable, for mid-term development (by end-2016)
- Suitable, for long-term development (2017 and later)
- Unsuitable, does not meet SMART criteria
- Unsuitable, as the data is already available through NERC's compliance monitoring and enforcement program (no need to duplicate)
106 Results of BESSMWG Assessment
BESSMWG Assessment: Number of Metrics
- Suitable for near-term development (during 2015): 0
- Suitable for mid-term development (by end-2016): 4
- Suitable for long-term development (2017 and later): 27
- Unsuitable: 26
- Unsuitable as the data is already available through NERC's compliance monitoring and enforcement program: 97
- Total considered: 154
107 Potential Enhancements to Existing Metrics
Metric: Potential Enhancement
- Reportable Cyber Security Incidents: Further breakdown of the reported data as a sub-metric
- Reportable Physical Security Incidents: Further breakdown of the reported data as a sub-metric
- ES-ISAC Membership: Develop a more meaningful sub-metric based on demographic data
- Industry-Sourced Information Sharing: Develop a measure of the value of information shared as a sub-metric
- Global Cyber Vulnerabilities: Replace with a sector-based future threat trending metric
108 Timeline
- Establish Roadmap direction and timeline (completed)
- Present Roadmap to CIPC (completed)
- Consider and prioritize proposed new metrics from the universe of security metrics (completed)
- Draft definitions for development during 2016 (December 2015)
- Enhance the approved metrics (February 2016)
- Finalize detailed definitions for new metrics, including data sources (February 2016)
- Consider pilot program to field test new metrics
- If necessary, prepare NERC data request to collect data for new metrics
- Obtain approval and roll-out new/updated metrics and security chapter for 2016 State of Reliability Report (March 2016)
110 Agenda Item 18C Physical Security Standard WG Progress Report Allan Wick, Chair Toni Linenberger, Vice-Chair Brian Harrell, Vice Chair September 16, 2015
111 Objectives/Duties
The PSSWG will develop a roster of technical experts from the CIPC voting members, alternate members, and other willing observers and conduct the following activities:
- Develop a process for handling requests from NERC staff.
- Provide guidance to NERC on prioritizing CIP-014 products under development.
- Develop guidance documents for CIP-014 for NERC. Specifically, draft guidance documents for R4, R5, and R6.
- Provide timely technical reports, if requested by NERC, on technical matters related to physical security.
- Collaborate with other CIPC Working Groups and Task Forces regarding the implementation of the PSSWG deliverables.
- Provide CIPC updates on progress at the CIPC face-to-face meetings.
112 Our Team
- Chair: Allan Wick
- Vice-Chair: Toni Linenberger, Brian Harrell
- EC Sponsor: Nathan Mitchell
- NERC Staff: Laura Brown
- Team Members: Kurt Aikman, Bruce W. Barnes, Tim Basch, Richard Bouchey, John Breckenridge, Bob Canada, Mark L. Comer, Steen J. Fjalstad, Mike Hagee, Ross Johnson, Mike Ketchens, Craig P. Lawrence, Chris McColm, Leslie (Les) Morton, Barry Page, Bobby Parker, Peter Scalici, Matt Stryker, Douglas G. Williams
113 Progress
Past quarter
- R6 Guide 45 day comment period ended August 10, 2015
  - Posted under the PSSWG webpage g%20group%20psswg/final%20cip-014%20r6%20guide_ pdf
Current two projects
- CIP-014 R5.1 survey, Mike Hagee team lead
  - October delivery
- Roadmap project, John Breckenridge team lead
More informationJim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas
Jim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas Facts expressed in this presentation are Facts Opinions express in this presentation are solely my own The voices I
More informationStandard CIP 004 3a Cyber Security Personnel and Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-3a 3. Purpose: Standard CIP-004-3 requires that personnel having authorized cyber or authorized unescorted physical access
More informationStandard Development Timeline
CIP-008-6 Incident Reporting and Response Planning Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard
More informationCIP Standards Development Overview
CIP Standards Development Overview CSSDTO706 Meeting with FERC Technical Staff July 28, 2011 Objectives Historical Timeline CIP-002-4 CIP-005-4 CIP Version 5 2 Project 2008-06 Overview FERC Order 706 SDT
More informationAgenda Critical Infrastructure Protection Committee September 12, :00 5:00 p.m. Eastern September 13, :00 a.m.
Agenda Critical Infrastructure Protection Committee September 12, 2017 1:00 5:00 p.m. Eastern September 13, 2017 8:00 a.m. Noon Eastern The Hilton Quebec 1100, boul. René-Lévesque Est Quebec, QC, G1R 4P3
More informationStandard CIP 005 4a Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-4a 3. Purpose: Standard CIP-005-4a requires the identification and protection of the Electronic Security Perimeter(s)
More informationPhilip Huff Arkansas Electric Cooperative Corporation Doug Johnson Commonwealth Edison Company. CSO706 SDT Webinar August 24, 2011
CIP Standards Version 5 Requirements & Status Philip Huff Arkansas Electric Cooperative Corporation Doug Johnson Commonwealth Edison Company David Revill Georgia Transmission Corporation CSO706 SDT Webinar
More informationNERC Overview and Compliance Update
NERC Overview and Compliance Update Eric Ruskamp Manager, Regulatory Compliance August 17, 2018 1 Agenda NERC Overview History Regulatory Hierarchy Reliability Standards Compliance Enforcement Compliance
More informationStandard CIP-006-3c Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3c 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security
More information