Addressing NERC-CIP Compliance Challenge for Utilities through IT Service Management. Patrik Ringqvist Principal Solution Consultant

Transcription

1 Addressing NERC-CIP Compliance Challenge for Utilities through IT Service Management Patrik Ringqvist Principal Solution Consultant

2 Utility IT Service Management Challenges NERC Compliance ITIL Compliance Integration Integrity of Inventory Data Technology Evolution

3 NERC/CIP Highlights Cyber Security Policies Training and Awareness Access Management and Revocation Electronic Security Perimeters Interactive Remote Access Communications Security Physical Security Patch Management Malicious Code Prevention Configuration Change Management Vulnerability Assessments

4 Security Framework People Talking same language Development of cyber-physical engineers Process Integration of communications plans Integration of incident response/operation centers Technology Convergence is happening New network technologies are introduced New technology investments must support IT/OT convergence Value across all areas PEOPLE TECHNOLOGY PROCESS 4

5 Configuration repository and baseline Key NERC/CIP Items Related to Cyber System Categorization ITSM Systems Cyber Security Management Controls Segregation of duties Job change and termination Emergency and temporary authorizations Event management and log Incident Reporting and Response Planning Cyber Security Incident Response Plan Specifications Cyber Security Incident Response Plan Implementation and Testing Cyber Security Incident Response Plan, Review, Update, and Communication Incident handling Change Management and Vulnerability Assessments Configuration Baseline Configuration Control Technology Standards Configuration Management Procedures Emergency Changes Change Request Initiation and Control Control of Changes Emergency Changes

6 Smart Grid Changes The Utility Structure Places Greater Reliance On Communications Systems Radial Networked

7 Key Technology Values Of LTE/5G SIMPLE IP NETWORK ARCHITECTURE QOS, POLICY CONTROL & PRIORITY HANDLING VERY LOW LATENCY VERY HIGH BANDWIDTH Global Standard Future-Proofed Technology SECURE ECOSYSTEM ECONOMIES OF SCALE EFFICIENT MULTICAST / BROADCAST SCALABLE BANDWIDTH

8 LTE/5G Is a Multi Service Communication Technology MACHINE COMMUNICATION SERVICES BROADBAND DATA SERVICES VIDEO/VOICE SERVICES PTT SERVICES LAND MOBILE RADIO LTE

9 Connect The Grid With Wireless LTE/5G Use Cases Distribution Automation Communications SCADA Communications Advanced Metering Infrastructure Critical Infrastructure Protection (Security) Mission Critical Push To Talk Mobile Broadband, Voice Video, Chat Workforce Management Fleet Tracking Asset Management Transfer-Tripping of IPPs Remote Wi-Fi Hot Spots

10 LTE Network Security Cyber and Physical Security SOC Client Application Layer Security Syslog Server NAS Encryption & Authentication MME HSS Device Signaling & User Plan Encryption enb Base Station IPSEC Firewall Firewall Firewall GW Core Location IPSEC Application Data Center

11 Automation: Security Information And Event Management System (SIEM) Continuous compliance monitoring 100% COMPLIANCE NF1 NF2 NF3 Continuous compliance monitoring 67% COMPLIANCE NF1 NF2 NF3 Continuous compliance monitoring 100% COMPLIANCE NF1 NF2 NF3 Manual activation of telnet service in NF3 (malicious or mistake) Automatic or triggered hardening

12 SIEM Functions Asset Management Policy Management Security Baseline Configuration Security Baseline Compliance Data Integrity Monitoring Threat Management Vulnerability Management Compliance reporting Continuous monitoring & analytics Executable Security Policies Blockchain Automated hardening

13 Thank You!