CIP Compliance Workshop Boise, ID March 29, 2018
|
|
- Mae Potter
- 5 years ago
- Views:
Transcription
1 CIP Compliance Workshop Boise, ID March 29, 2018 Mark Lemery, MSc, CPP, PSP Auditor, Cyber and Physical Security
2 2 Impact on Reliability Identify WECC s audit approach and inform entities of physical security best practices for protecting BES Cyber Systems.
3 3 Overview Introduction Purpose & Applicability Definitions Requirements & Parts Review Audit Approach & Results Audit Prep Tips for Success Q & A
4 4 Speaker Intro Bio Mark Lemery, MSc, CPP, PSP 25+ years Intelligence & Security Experience Nation State & Non-state Threats/Threat Actors Compliance Auditor, Physical and Cyber Security CIP-006, CIP-014 US Air Force (Retired) Intelligence Officer All-source Intelligence Operations, Analysis & Targeting (SIGINT, GEOINT, HUMINT, MASINT) Deployments: Somalia/Kenya, Turkey, Iraq, Kosovo, Afghanistan Education: MSc, Strategic Intelligence National Intelligence University, Washington, DC CIP Program Manager at Utah SIAC (State Law Enforcement Intelligence Fusion Center) Critical Infrastructure Protection (CIP) Program Manager State Lead for Private Sector Outreach/Education/Training Partnered w/dhs Protective Security Advisor (PSA) for Utah
5 5 Disclaimer The information contained in this presentation is drawn from our current understanding of this Standard and its Requirements as of the presentation date. The WECC audit approach and information contained within this presentation is subject to change based on future guidance.
6 CIP Cyber Security: Physical Security of BES Cyber Systems 6 Manage physical access to BES Cyber Systems via Physical Security Plan, Visitor Control Program, PACS Maintenance & Testing Program Applies to High & Medium Impact BCSI, based on CIP categorization
7 CIP R1: Implement Documented Physical Security Plan 7 Ensure physical access to BCSI is restricted & managed Implementation of a documented Physical Security Plan PNCs & AOCs: Hard Keys: Failure to implement or fully document hard key management system or program with same rigor as applied to electronic physical access control & badges #1 PNC & AOC Shared Facilities: Failure to implement own CIP program or execute agreements to indicate compliance responsibility
8 FERC 2017 Staff Report: Physical Key Management 8 However, the physical keys still provide access to PSPs and should be afforded the same level of control as for electronic access. (such as PACS ID badges)
9 R1 Part 1.1: 9 Operational or Procedural Controls PNCs & AOCs: Failure to define operational or procedural controls to restrict physical access Failure to ensure all PACS are identified & afforded required protections Failure to implement documented plan for PACS devices
10 10 PACS Cyber Assets that control, alert, or log PSP access Typically includes Control Panels, Servers & Workstations Excludes locally mounted hardware or devices If PACS inside PSP, while no additional obligation to comply with Parts 1.1, 1.6 & 1.7, WECC recommends entities implement PACS-specific controls beyond those resident in the PSP
11 Part 1.2: 11 PSP Access Single-factor Authentication Typical Physical Access Control Methods: Card Key: Electronic access; access rights predefined in computer database Special Locks: Locks w/ restricted key systems; remotely operated magnetic locks; man-trap systems Security Personnel: May be on or off-site Other Authentication Devices: Biometric, keypad, token, or other equivalent devices controlling physical access into PSP
12 Part 1.3: PSP Access Two-factor Authentication 12 Requires Two of the Following: Something You Know: Pin Code Something You Have: Card Key; Physical Key Something You Are: Biometric Scanner; Fingerprint, Retina Scanner. Hand Geometry For physically layered protection, no single authenticator allowed to provide access through both layers (example: locked gate with locked control building) Same key or access device cannot provide access to both layers
13 Part 1.4: PSP - Monitor for Unauthorized Access 13 Physical Access Monitoring Methods: Alarm Systems: To indicate interior motion or when a door, gate, or window has been opened without authorization Human Observation of Access Points: By security personnel who are also controlling physical access PNCs & AOCs: Entity failed to implement a program to monitor for unauthorized PSP access
14 Part 1.5: PSP Alarm or Alert within 15 Minutes 14 Alarm or alert after detecting unauthorized access from Part 1.4 Issued within 15 minutes; 15 minute closure of alarm not required Personnel receiving alarm must be identified in BES Cyber Security Incident Response Plan Documented 15 minute acknowledgement is reviewed at audit & is expected to demonstrate compliance PNCs & AOCs: Entity failed to implement a program to issue an alarm or alert w/in 15 minutes
15 Part 1.6: PACS Monitor for Unauthorized Access 15 CIP requires utilization of at least one physical access control for PACS assets located outside of a PSP Security Best Practice: Entities should apply same physical access controls to PACS panels & servers located in PSP; same as for PACS assets outside of a PSP PNCs & AOCs: Entity failed to monitor PACS for unauthorized physical access to PACS Cascading impact of failing to properly identify or categorize PACS assets
16 Part 1.7: PACS Alarm or Alert within 15 Minutes 16 Typically, most PACS panels/cabinets outside of PSP utilize door tamper switches, electronic card reader or hard keys PNCs & AOCs: Entity failed to issue an alarm or alert for unauthorized PACS access w/in 15 mins Cascading impact of failing to properly identify or categorize PACS assets
17 Part 1.8: PSP Log Access 17 Physical Access Logging Methods: Computerized Logging: Electronic logs (via PACS) Video Recording: Of sufficient quality to determine identity Note: Video system used in this way, i.e. for other than post-incident forensic analysis, is a PACS & must be protected as such Manual Logging: Log book or sign-in sheet Note: Logging of exit not required
18 Part 1.9: PSP 90 Day Access Log Retention 18 Retain Physical Access Logs for at Least Ninety/90 Calendar Days When submitting evidence, please submit access logs for multiple personnel & multiple PSP access points
19 Part 1.10: Restrict Physical Access to Cabling 19
20 Part 1.10: Restrict Physical Access to Cabling 20 Example: 2 separate PSPs in same building, or PSPs in different buildings, but inside the same Electronic Security Perimeter (ESP) Either physically protect cabling & components that leave a PSP (via armored cabling, steel or aluminum tubing or conduit, or secured cable trays) Or protect via data encryption, circuit monitoring (such as communications loss), or equally effective logical protections
21 CIP R2: Implement Documented Visitor Control Program 21 Implementation of a documented Visitor Control Program
22 Part 2.1: PSP Visitors - Continuous Escorted Access 22 Require continuous escort of PSP visitors When submitting evidence, please submit logs for multiple personnel & for multiple PSP access points
23 Part 2.2: PSP Visitors Manual or Automated Logging 23 Visitor logging should capture each visit; does not need to capture each entry or exit of each visitor Audit team recommends documenting actual escort vice a POC, to ensure any visitor follow-up is with the person with relevant knowledge PNCs & AOCs: Entity failed to ensure manual or automated logging Entity failed to ensure PSP logs maintained for each individual PSP Entity failed to ensure visitor logs included POC responsible for visitor
24 FERC 2017 Staff Report: Use of Manual Visitor Logs 24 The use of manual logs led to failures to record pieces of [required] information the risk could be lowered if highly visible instructions were located near each manual log.
25 Part 2.3: PSP Visitors 90 Day Visitor Log Retention 25 Retain Visitor Logs for at Least Ninety/90 Calendar Days When submitting evidence, please submit visitor logs for multiple personnel & multiple PSP access points
26 26 CIP R3: Implement PACS Maintenance & Testing Program Implementation of a documented PACS Maintenance & Testing Program AOCs: Current state of disrepair of many PACS devices at substations could result in future non-compliance Ensure situational awareness of PACS device operational status at all times Note: Expansion of Audit Scope possible if maintenance issues observed during site visits
27 Part 3.1: PACS & PSP Maintenance & Testing Every 24 Months 27 Includes testing of locally mounted hardware or devices used in controlling, alerting or logging PSP access Physical security controls unrelated to CIP PACS used for protection of BES Cyber Systems are out of scope for CIP-006-6, but may be relevant for CIP or CIP compliance
28 28 PACS Cyber Assets that control, alert, or log PSP access Typically Includes Control Panels, Servers & Workstations Excludes locally mounted hardware or devices If PACS inside PSP, while no additional obligation to comply with Parts 1.1, 1.6 & 1.7, WECC recommends entities implement PACS-specific controls beyond those resident in the PSP
29 29 Documentation Audit Prep - Tips for Success Physical Security Plan clear links to Requirements & Parts Asset/File Name continuity across RSAW, Physical Security Plan, PSP Diagrams & Physical Access Logs/Visitor Logs Ensure access control and alarm logs submitted as initial evidence or in response to DR only contain entries for PSP access points and/or PACS assets located outside of a PSP PACS Location, Number, Type Indicate specific location and type on PSP and/or other diagrams
30 30 Audit Prep - Tips for Success Shared Facilities Clearly implement own program or execute agreements to clearly indicate compliance responsibilities PSP Documentation/Diagrams Clearly identified PSP What are the access points? How is access controlled? PACS: location, number & type For PACS assets outside of a PSP, please provide diagram showing their location, number & type as well
31 Door alarmed Door alarmed NW Camera out NE Camera out MAIN ENTRANCE Card Reader 0 in Camera out CR 1 out Secured Door Camera In Door alarmed SW Camera out SE Camera out Door alarmed Sample Substation Control House PSP Diagram
32 Camera 1 In CR 01 IN CR 02 OUT Camera 2 Out Sample Substation Control Center PSP Diagram Access point= PSP=
33 33 Hard Key Management Audit Prep - Tips for Success Same key should not provide access to both PSP & non-psp doors When & how keys are to be used? Which PSP doors have hard key lock access? Who has access to hard keys; who has been issued them? How is use of hard key logged? Is an alarm triggered when door is opened? Can a single key (AKA: Factor) provide access to a High Impact PSP? Visitors Regularly review manual visitor logs for completeness
34 Physical Security Support Physical Security Work Group (PSWG) By entities, for entities Join today! WECC CIP Team just a phone call away We re here to help! Always willing to provide our audit approach
35 35 Contact CIP Compliance Audit Team Gary King, CPP, PSP CIP Sr. Compliance Auditor (801) Mark Lemery, CPP, PSP CIP Compliance Auditor (801) Brady Phelps, CPP, PSP CIP Compliance Auditor (520)
Reliability Standard Audit Worksheet 1
Reliability Standard Audit Worksheet 1 CIP-006-6 Cyber Security Physical Security of BES Cyber Systems This section to be completed by the Compliance Enforcement Authority. Audit ID: Registered Entity:
More informationStandard CIP-006-4c Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-4c 3. Purpose: Standard CIP-006-4c is intended to ensure the implementation of a physical security
More informationStandard CIP-006-3c Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3c 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security
More informationCIP Cyber Security Physical Security of BES Cyber Systems
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationStandard CIP Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security program
More informationCIP Cyber Security Physical Security of BES Cyber Systems
A. Introduction 1. Title: Cyber Security Physical Security of BES Cyber Systems 2. Number: CIP-006-6 3. Purpose: To manage physical access to Bulk Electric System (BES) Cyber Systems by specifying a physical
More informationCIP Cyber Security Physical Security of BES Cyber Systems
A. Introduction 1. Title: Cyber Security Physical Security of BES Cyber Systems 2. Number: CIP-006-5 3. Purpose: To manage physical access to BES Cyber Systems by specifying a physical security plan in
More informationStandard CIP Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-1 3. Purpose: Standard CIP-006 is intended to ensure the implementation of a physical security program
More informationStandard CIP-006-1a Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-1a 3. Purpose: Standard CIP-006 is intended to ensure the implementation of a physical security program
More informationPage 1 of 15. Applicability. Compatibility EACMS PACS. Version 5. Version 3 PCA EAP. ERC NO ERC Low Impact BES. ERC Medium Impact BES
002 5 R1. Each Responsible Entity shall implement a process that considers each of the following assets for purposes of parts 1.1 through 1.3: i. Control Centers and backup Control Centers; ii. Transmission
More informationCIP V5 Updates Midwest Energy Association Electrical Operations Conference
CIP V5 Updates Midwest Energy Association Electrical Operations Conference May 2015 Bob Yates, CISSP, MBA Principal Technical Auditor ReliabilityFirst Corporation Agenda Cyber Security Standards Version
More informationStandard CIP 005 4a Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-4a 3. Purpose: Standard CIP-005-4a requires the identification and protection of the Electronic Security Perimeter(s)
More informationCYBER SECURITY POLICY REVISION: 12
1. General 1.1. Purpose 1.1.1. To manage and control the risk to the reliable operation of the Bulk Electric System (BES) located within the service territory footprint of Emera Maine (hereafter referred
More informationCIP Cyber Security Configuration Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationStandard CIP 005 2a Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-2a 3. Purpose: Standard CIP-005-2 requires the identification and protection of the Electronic Security Perimeter(s)
More informationTECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES
TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control
More informationCIP Cyber Security Physical Security of BES Cyber Systems
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationCompliance: Evidence Requests for Low Impact Requirements
MIDWEST RELIABILITY ORGANIZATION Compliance: Evidence Requests for Low Impact Requirements Jess Syring, CIP Compliance Engineer MRO CIP Low Impact Workshop March 1, 2017 Improving RELIABILITY and mitigating
More informationAnalysis of CIP-006 and CIP-007 Violations
Electric Reliability Organization (ERO) Compliance Analysis Report Reliability Standard CIP-006 Physical Security of Critical Cyber Assets Reliability Standard CIP-007 Systems Security Management December
More informationSummary of FERC Order No. 791
Summary of FERC Order No. 791 On November 22, 2013, the Federal Energy Regulatory Commission ( FERC or Commission ) issued Order No. 791 adopting a rule that approved Version 5 of the Critical Infrastructure
More informationFacility Security Policy
1. PURPOSE 1.1 The New Brunswick Institute for Research, Data and Training (NB-IRDT) is located in the University of New Brunswick. It consists of: (i) employee offices in Singer Hall and Keirstead Hall,
More informationCritical Cyber Asset Identification Security Management Controls
Implementation Plan Purpose On January 18, 2008, FERC (or Commission ) issued Order. 706 that approved Version 1 of the Critical Infrastructure Protection Reliability Standards, CIP-002-1 through CIP-009-1.
More informationCIP Version 5 Evidence Request User Guide
CIP Version 5 Evidence Request User Guide Version 1.0 December 15, 2015 NERC Report Title Report Date I Table of Contents Preface... iv Introduction... v Purpose... v Evidence Request Flow... v Sampling...
More informationDATA SECURITY THE PROTECTION OF YOUR INFORMATION IS OUR PRIME DIRECTIVE
DATA SECURITY THE PROTECTION OF YOUR INFORMATION IS OUR PRIME DIRECTIVE OVERVIEW building security theft alarms point of entry interior & exterior closed-circuit camera monitoring impact-resistant windows
More informationCIP V5 Implementation Study SMUD s Experience
CIP V5 Implementation Study SMUD s Experience Tim Kelley October 16, 2014 Powering forward. Together. SMUD Fast Facts General Information SMUD employs approximately 2,000 individuals Service area of 900
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 3 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationProject Modifications to CIP Standards. Technical Conference April 19, 2016 Atlanta, GA
Project 2016-02 Modifications to CIP Standards Technical Conference April 19, 2016 Atlanta, GA Agenda Welcome Steven Noess NERC Antitrust Compliance Guidelines and Public Announcement* - Al McMeekin Logistics
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationHIPAA Security. 3 Security Standards: Physical Safeguards. Security Topics
HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 2. Security Standards - Administrative Safeguards 3. Security Standards - Physical Safeguards 4. Security Standards - Technical
More informationStandard CIP 004 3a Cyber Security Personnel and Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-3a 3. Purpose: Standard CIP-004-3 requires that personnel having authorized cyber or authorized unescorted physical access
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationStandard Development Timeline
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard is adopted by the NERC Board of Trustees (Board).
More informationStandard CIP Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-2 3. Purpose: Standard CIP-005-2 requires the identification and protection of the Electronic Security Perimeter(s)
More informationCompliance Exception and Self-Logging Report Q4 2014
Agenda Item 5 Board of Trustees Compliance Committee Open Session February 11, 2015 Compliance Exception and Self-Logging Report Q4 2014 Action Information Introduction Beginning in November 2013, NERC
More informationNPCC Compliance Monitoring Team Classroom Session
NPCC Compliance Monitoring Team Classroom Session John Muir - Director, Compliance Monitoring Jacqueline Jimenez - Senior Compliance Engineer David Cerasoli, CISSP - Manager, CIP Audits 5/14/2018 1 Compliance
More informationStandard CIP Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-1 3. Purpose: Standard CIP-005 requires the identification and protection of the Electronic Security Perimeter(s)
More information1. Post for 45-day comment period and pre-ballot review. 7/26/ Conduct initial ballot. 8/30/2010
Standard CIP 011 1 Cyber Security Protection Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes
More informationCIP Cyber Security Personnel & Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-5.1 3. Purpose: To minimize the risk against compromise that could lead to misoperation or instability in the BES from individuals
More informationLesson Learned CIP Version 5 Transition Program
Lesson Learned CIP Version 5 Transition Program CIP-002-5: BES Cyber Assets Version: December 7, 2015 This document is designed to convey lessons learned from NERC s various CIP version 5 transition activities.
More informationImplementation Plan for Version 5 CIP Cyber Security Standards
Implementation Plan for Version 5 CIP Cyber Security Standards April 10September 17, 2012 Note: On September 17, 2012, NERC was alerted that some references in the Initial Performance of Certain Periodic
More informationNERC CIP in the Real World on a Real Budget
NERC CIP in the Real World on a Real Budget (Strategies for NERC CIP compliance with Ethernet Technology) Authors: Chan Wong PhD., PMP, Engineer 639 Loyola Ave, New Orleans, LA, (504)-495-3765, CWong@entergy.com
More informationEEI Fall 2008 Legal Conference Boston, Massachusetts Stephen M. Spina November 1,
EEI Fall 2008 Legal Conference Boston, Massachusetts Stephen M. Spina November 1, 2008 www.morganlewis.com Overview Reliability Standards Enforcement Framework Critical Infrastructure Protection (CIP)
More informationCritical Infrastructure Protection (CIP) Version 5 Revisions. Standard Drafting Team Update Industry Webinar September 19, 2014
Critical Infrastructure Protection (CIP) Version 5 Revisions Standard Drafting Team Update Industry Webinar September 19, 2014 Administrative Items NERC Antitrust Guidelines It is NERC s policy and practice
More informationLive Webinar: Best Practices in Substation Security November 17, 2014
Live Webinar: Best Practices in Substation Security November 17, 2014 1 Agenda & Panelists Welcome & Introduction - Allan Wick, CFE, CPP, PSP, PCI, CBCP Enterprise Security Manager-CSO Tri-State Generation
More informationInteractive Remote Access FERC Remote Access Study Compliance Workshop October 27, Eric Weston Compliance Auditor Cyber Security.
Interactive Remote Access Compliance Workshop October 27, 2016 Eric Weston Compliance Auditor Cyber Security 2 Agenda Interactive Remote Access Overview Review of Use Cases and Strategy 1 Interactive Remote
More informationStandard CIP 007 3a Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3a 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for
More informationCIP-014. JEA Compliance Approach. FRCC Fall Compliance Workshop Presenter Daniel Mishra
CIP-014 JEA Compliance Approach FRCC Fall Compliance Workshop Presenter Daniel Mishra Acronyms & Terminologies DHS Department of Homeland Security JEA It s not an acronym JSO Jacksonville Sheriff's Office
More informationTECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES
TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control
More informationSecurity Standards for Electric Market Participants
Security Standards for Electric Market Participants PURPOSE Wholesale electric grid operations are highly interdependent, and a failure of one part of the generation, transmission or grid management system
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationCritical Infrastructure Protection Version 5
Critical Infrastructure Protection Version 5 Tobias Whitney, Senior CIP Manager, Grid Assurance, NERC Compliance Committee Open Meeting August 9, 2017 Agenda Critical Infrastructure Protection (CIP) Standards
More informationStandard CIP 007 4a Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-4a 3. Purpose: Standard CIP-007-4 requires Responsible Entities to define methods, processes, and procedures for
More informationNERC CIP: Fundamental Security Requirements of an Electronic Access Control and Monitoring System (EACMS) Requirements Mapping to ConsoleWorks
NERC CIP: Fundamental Security Requirements of an Electronic Access Control and Monitoring System (EACMS) Requirements Mapping to ConsoleWorks NERC Standard Requirement Requirement Text Measures ConsoleWorks
More informationNERC CIP Compliance Matrix of RUGGEDCOM CROSSBOW Operating System
Application description 04/2017 NERC CIP Compliance Matrix of RUGGEDCOM RUGGEDCOM https://support.industry.siemens.com/cs/ww/en/view/109747098 Warranty and Liability Warranty and Liability Note The Application
More informationConsideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 June 2, 2014
Federal Energy Regulatory Commission Order No. 791 June 2, 2014 67 and 76 67. For the reasons discussed below, the Commission concludes that the identify, assess, and correct language, as currently proposed
More informationImplementing Cyber-Security Standards
Implementing Cyber-Security Standards Greg Goodrich TFIST Chair, CISSP New York Independent System Operator Northeast Power Coordinating Council General Meeting Montreal, QC November 28, 2012 Topics Critical
More informationCIP Cyber Security Personnel & Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-6 3. Purpose: To minimize the risk against compromise that could lead to misoperation or instability in the Bulk Electric
More informationImplementation Plan. Project CIP Version 5 Revisions. January 23, 2015
Implementation Plan Project 2014-02 CIP Version 5 Revisions January 23, 2015 This Implementation Plan for the Reliability Standards developed as part of Project 2014-02 CIP Version 5 Revisions replaces
More informationCyber Security Supply Chain Risk Management
Cyber Security Supply Chain Risk Management JoAnn Murphy, SDT Vice Chair, PJM Interconnection May 31, 2017 FERC Order No. 829 [the Commission directs] that NERC, pursuant to section 215(d)(5) of the FPA,
More informationDRAFT. Cyber Security Communications between Control Centers. March May Technical Rationale and Justification for Reliability Standard CIP-012-1
DRAFT Cyber Security Communications between Control Centers Technical Rationale and Justification for Reliability Standard CIP-012-1 March May 2018 NERC Report Title Report Date I Table of Contents Preface...
More informationImplementation Plan. Project CIP Version 5 Revisions 1. January 23, 2015
Implementation Plan Project 2014-02 CIP Version 5 Revisions January 23, 2015 This Implementation Plan for the Reliability Standards developed as part of Project 2014 02 CIP Version 5 Revisions replaces
More informationFrequently Asked Questions CIP Version 5 Standards April 1, 2015
Frequently Asked Questions CIP Version 5 Standards April 1, 2015 This draft document provides answers to questions asked by entities as they transition to the CIP Version 5 Reliability Standards. The information
More informationCIP Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security System Security Management 2. Number: CIP-007-5 3. Purpose: To manage system security by specifying select technical, operational, and procedural requirements in
More informationCIP Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-5 3. Purpose: To manage electronic access to BES Cyber Systems by specifying a controlled Electronic Security
More informationStandard CIP Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-4 3. Purpose: Standard CIP-007-4 requires Responsible Entities to define methods, processes, and procedures for securing
More informationCIP Substation Security Project Update
CIP Substation Security Project Update VELCO OPERATING COMMITTEE MAY 15, 2014 5/14/2014 1 CIP Substation Security Project Update 2013 Security Project Activities/Accomplishments NERC CIP - Version 5 Compliance
More informationDRAFT. Standard 1300 Cyber Security
These definitions will be posted and balloted along with the standard, but will not be restated in the standard. Instead, they will be included in a separate glossary of terms relevant to all standards
More informationPurpose. ERO Enterprise-Endorsed Implementation Guidance
Lesson Learned CIP Version 5 Transition Program CIP-002-5.1 Requirement R1: Impact Rating of Generation Resource Shared BES Cyber Systems Version: January 29, 2015 Authorized by the Standards Committee
More informationCIP Cyber Security Recovery Plans for BES Cyber Systems
A. Introduction 1. Title: Cyber Security Recovery Plans for BES Cyber Systems 2. Number: CIP-009-6 3. Purpose: To recover reliability functions performed by BES Cyber Systems by specifying recovery plan
More informationCenteris Data Centers - Security Procedure. Revision Date: 2/28/2018 Effective Date: 2/28/2018. Site Information
Section 01 Document Information Creation Date: 12/1/2016 Centeris Data Centers - Security Procedure Revision Date: 2/28/2018 Effective Date: 2/28/2018 Section 02 Site Information Site Information Document
More informationOPUC Workshop March 13, 2015 Cyber Security Electric Utilities. Portland General Electric Co. Travis Anderson Scott Smith
OPUC Workshop March 13, 2015 Cyber Security Electric Utilities Portland General Electric Co. Travis Anderson Scott Smith 1 CIP Version 5 PGE Implementation Understanding the Regulations PGE Attended WECC
More informationPhysical and Environmental Security Standards
Physical and Environmental Security Standards Table of Contents 1. SECURE AREAS... 2 1.1 PHYSICAL SECURITY PERIMETER... 2 1.2 PHYSICAL ENTRY CONTROLS... 3 1.3 SECURING OFFICES, ROOMS AND FACILITIES...
More informationOut-of-Band Management
Out-of-Band Management April 9, 2019 Holly Eddy, CISA, CRISC, CISSP Auditor, Cyber Security 2 3 Opening Statement Out-of-band management is often referred to as managing the keys to the kingdom given the
More informationSecurity Principles for Stratos. Part no. 667/UE/31701/004
Mobility and Logistics, Traffic Solutions Security Principles for Stratos Part no. THIS DOCUMENT IS ELECTRONICALLY APPROVED AND HELD IN THE SIEMENS DOCUMENT CONTROL TOOL. All PAPER COPIES ARE DEEMED UNCONTROLLED
More informationNERC-Led Technical Conferences
NERC-Led Technical Conferences NERC s Headquarters Atlanta, GA Tuesday, January 21, 2014 Sheraton Phoenix Downtown Phoenix, AZ Thursday, January 23, 2014 Administrative Items NERC Antitrust Guidelines
More informationConsideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 January 23, 2015
Federal Energy Regulatory Commission Order No. 791 January 23, 2015 67 and 76 67. For the reasons discussed below, the Commission concludes that the identify, assess, and correct language, as currently
More informationNERC Staff Organization Chart Budget 2017
NERC Staff Organization Chart Budget 2017 President and CEO Administrative Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel
More informationLesson Learned CIP Version 5 Transition Program CIP R1: Grouping BES Cyber Assets Version: March 2, 2014
Lesson Learned CIP Version 5 Transition Program CIP-002-5.1 R1: Grouping BES Cyber Assets Version: March 2, 2014 This document is designed to convey lessons learned from NERC s various CIP version 5 transition
More informationA. Introduction 1. Title: 2. Number: 3. Purpose: 4. Applicability: 4.1. Functional Entities: Balancing Authority Distribution Provider
The Background, VRF/VSLs, and Guidelines and Technical Basis Sections have been removed for this informal posting. The Project 2016-02 is seeking comments around the concept of the Requirement/Measure
More informationi-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS
i-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS siemens.com/ruggedcom INTERACTIVE REMOTE ACCESS INTELLIGENT ELECTRONIC DEVICES Intelligent Electronic Devices (IEDs) Devices that can provide real-time
More informationBryan Carr PMP, CISA Compliance Auditor Cyber Security. Audit Evidence & Attachment G CIP 101 Salt Lake City, UT September 25, 2013
Bryan Carr PMP, CISA Compliance Auditor Cyber Security Audit Evidence & Attachment G CIP 101 Salt Lake City, UT September 25, 2013 About Me Joined WECC in August 2012 Before WECC CIP Compliance Program
More informationSecuring the Grid and Your Critical Utility Functions. April 24, 2017
Securing the Grid and Your Critical Utility Functions April 24, 2017 1 Securing the Grid Effectively and Efficiently Recent threats to the Electric Grid and the importance of security Standards and Requirements
More informationCIP Cyber Security Security Management Controls. A. Introduction
CIP-003-7 - Cyber Security Security Management Controls A. Introduction 1. Title: Cyber Security Security Management Controls 2. Number: CIP-003-7 3. Purpose: To specify consistent and sustainable security
More informationStandard Development Timeline
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard is adopted by the NERC Board of Trustees (Board).
More informationStandard CIP Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-1 3. Purpose: Standard CIP-007 requires Responsible Entities to define methods, processes, and procedures for securing
More informationCIP Cyber Security Recovery Plans for BES Cyber Systems
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationCIP Cyber Security Security Management Controls
A. Introduction 1. Title: Cyber Security Security Management Controls 2. Number: CIP-003-6 3. Purpose: To specify consistent and sustainable security management controls that establish responsibility and
More informationDecember 30, 2015 VIA ELECTRONIC FILING
VIA ELECTRONIC FILING Ms. Kimberly D. Bose Secretary Federal Energy Regulatory Commission 888 First Street, N.E. Washington, DC 20426 Re: NERC Full Notice of Penalty regarding, FERC Docket No. NP16-_-000
More informationProject Physical Security Directives Mapping Document
Document Background In Order No. 802 (final order on CIP-014-1 Physical Security), issued on November 20, 2014, FERC directed NERC to remove the term widespread from Reliability Standard CIP-014-1 or,
More informationWatson Developer Cloud Security Overview
Watson Developer Cloud Security Overview Introduction This document provides a high-level overview of the measures and safeguards that IBM implements to protect and separate data between customers for
More informationReliability Standard Audit Worksheet 1
Reliability Standard Audit Worksheet 1 CIP-002-5.1 Cyber Security BES Cyber System Categorization This section to be completed by the Compliance Enforcement Authority. Audit ID: Registered Entity: NCR
More informationNB Appendix CIP NB-0 - Cyber Security Personnel & Training
This appendix establishes modifications to the FERC approved NERC standard CIP-004-5.1 for its specific application in New Brunswick. This appendix must be read with CIP-004-5.1 to determine a full understanding
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationLow Impact BES Cyber Systems. Cyber Security Security Management Controls CIP Dave Kenney
Low Impact BES Cyber Systems Cyber Security Security Management Controls CIP-003-6 Dave Kenney November 9, 2016 Presentation Agenda Outreach Observations/Audit Approach Cyber Security Awareness Physical
More informationThis section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective.
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Description of Current Draft
More informationJim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas
Jim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas Facts expressed in this presentation are Facts Opinions express in this presentation are solely my own The voices I
More informationCIP Cyber Security Configuration Change Management and Vulnerability AssessmentsManagement
The Background, VRF/VSLs, and Guidelines and Technical Basis Sections have been removed for this informal posting. The Project 2016-02 is seeking comments around the concept of the Requirement/Measure
More informationStandard Development Timeline
CIP-008-6 Incident Reporting and Response Planning Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard
More informationLesson Learned CIP Version 5 Transition Program CIP R1: Grouping BES Cyber Assets Version: September 8, 2015
Lesson Learned CIP Version 5 Transition Program CIP-002-5.1 R1: Grouping BES Cyber Assets Version: September 8, 2015 This document is designed to convey lessons learned from NERC s various CIP version
More informationAccess Control and CIP 10/20/2011
Access Control and CIP 10/20/2011 Agenda Access Control Requirements Impact on Entities Risk Discussion Response Discussion Future pursuit 2 RELIABILITY ACCOUNTABILITY Let s Talk CIP 3 RELIABILITY ACCOUNTABILITY
More information