National Electric Sector Cybersecurity Organization & Resource (NESCO/NESCOR) Joint Overview

Patrick C Miller, President and CEO, EnergySec
Erfan Ibrahim, PhD, Technical Executive, EPRI
March 23 2011

NESCO/NESCOR Partnership

• EnergySec = National Electric Sector Cybersecurity Organization (NESCO)
• EPRI = National Electric Sector Cybersecurity Organization Resource (NESCOR)

  The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program
Complementary Programs
NESCO (EnergySec)
• Primary grant recipient; “EnergySec will form the organization to be known as NESCO”
• Emphasis on information and resource sharing, collaboration, situational/tactical awareness, rapid notification, forensics and applied research
• Asset owner participation is primary vehicle, supplemented by SME contractors

NESCOR (EPRI)
• R&D Partner; “EPRI led team will provide a research and analysis resource for NESCO to mitigate risks from imminent threats and vulnerabilities”
• EPRI led team will harmonize cybersecurity requirements from NIST CSWG, DHS ICS JWG, NERC and OpenSG Utilisec and assess cybersecurity posture of standards and technologies (including lab testing)
• EPRI led team includes 17 partners from research labs, academia and other SMEs

Both organizations focus on near and long term issues
NESCO/NESCOR Projects
[Diagram: project workflow with numbered steps 1 to 8 linking three columns.
Industry: Asset Owners, Government, NERC, Trade Orgs, Vendors.
NESCO: Project Validation, Input & Tracking; Project Management; Project Standardization and Delivery.
NESCOR: Threat and Vulnerability Assessment and Mitigation Group; Cyber Security Tech. Testing & Validation Group; Cyber Security Requirements and Standards Assessment Group.
Step labels: Research Request, Project Summary, Project Estimate, Project Approval, Project Delivery.
Also shown: Other research paths; Other industry projects.]

NESCO OVERVIEW
EnergySec History
• 7/2004: EnergySec founded as E-Sec NW
• 1/2008: SANS Information Sharing Award
• 12/2008: Incorporated as EnergySec
• 10/2009: 501(c)(3) nonprofit determination
• 4/2010: EnergySec applied for National
  Electric Sector Cybersecurity Organization
  (NESCO) FOA
• 7/2010: NESCO grant award from DOE
• 10/2010: NESCO became operational
EnergySec Membership Stats
547 members from 161 organizations
• US Nameplate Generation: 74%
• US Residential Distribution: 60%

NESCO Background
• Mission: Lead a broad-based, public-private
  partnership to improve electric sector energy
  systems cyber security
• Goals:
   – Identify and disseminate common, effective cyber security
     practices
   – Analyze, monitor and relay infrastructure threat information
   – Focus cybersecurity research and development priorities
   – Work with federal agencies to improve electric sector cyber
     security
   – Encourage key electric sector supplier and vendor support
     / interaction

Public-Private Perceptions
• Government moves too slowly, over-classifies and narrowly distributes
• Industry can’t protect the shared information
  and doesn’t respond appropriately
• Lack of parity in degree and quality of
  information shared in both directions




How Does This Work?
• Sharing requires trust
• Trust is built on relationships
• NESCO fosters trustworthy relationships
   – Bringing people together
   – Flexible technology options to extend and enhance relationships
   – Organic growth; birds of a feather


Support, Not Duplicate




Collaboration Initiatives
• What works, what doesn’t
• Benchmarking
• Situational (tactical) security awareness
• Threat and vulnerability analysis
• Shared/crowd-sourced resources
  (repository)
• Mentoring



NESCO Outreach
• Annual Summit – October, San Diego
• Town Hall Meetings – April 27, Austin
• Voice Of The Industry Meetings
• Interest Groups:
   – Open Source, Intrusion Detection, Forensics, Security Architecture, Workforce Development, Threat Assessment
• Webinars, Briefings
• Social media
Technology Portfolio
• Email distribution lists
• Secure portal with forums
• Secure instant messaging
• Rapid notification mechanisms
• Web collaboration
• Resource repository
• Most technologies have non-attribution (anonymous) options
Resource Repository
•   Code snippets
•   IDS/attack signatures
•   Audit templates
•   Reference architectures
•   System configurations
•   Policy, process, procedure templates
•   Compliance practices
•   And more…

NESCOR OVERVIEW
NESCOR Background
DOE issued a Funding Opportunity Notice (FOA DE 0000245) in
April 2010 to establish the National Electric Sector Cyber Security
Organization (NESCO) as a public private partnership to:
    – Evaluate cyber security posture for legacy systems
    – Evaluate deployability of emerging cyber security technologies
    – Collaborate and coordinate to identify cyber security requirements
    – Perform use case analysis for risk identification, assessment, and
      development of risk mitigation strategies
    – Develop cyber security best practices and metrics
    – Establish and operate a Cyber Incident Data Center (CIDC)

An EPRI Led Team with Support from PDU Executive Committee Members
Responded to DOE FOA
NESCOR Team
National/Commercial Research Labs
• Oak Ridge National Lab
• Sandia National Lab
• Idaho National Lab
• National Renewable Energy Lab
• Palo Alto Research Center
• SRI
• Telcordia

Academia
• University of Houston
• UCLA
• UC Berkeley
• University of Minnesota Smart Grid Consortium

Other Subject Matter Experts
• N-Dimension
• Inguardians
• Arc Technical
• EnerNex
• Xanthus Consulting International
• TLI Inc (Texas A&M University)

Focus Areas
• Review NIST, DHS, NERC and other cyber security requirements and results
• Assess existing power system and cyber security standards to meet the security requirements of the power system
• Identify vulnerabilities, develop risk mitigation strategies, best practices and metrics in collaboration with NESCO
• Test security technologies in labs and pilot projects


NESCOR Vision
• Strategic focus: Provide a focal point for bringing together
  utilities, federal agencies, regulators, and researchers to
  address the electric sector security threats
• Program objectives:
   – Develop risk mitigation strategies, best practices and metrics
   – Test security technologies in labs and pilot projects
   – Harmonize security requirements across bodies of work from DHS, NIST, NERC, etc.
   – Assess existing power system and cyber security standards to meet the security requirements of the power system


NESCOR Program Structure
EPRI will create and lead three working groups:
• Threat and Vulnerability Assessment and Mitigation Group
• Cyber Security Requirements and Standards Assessment Group
• Cyber Security Technology Testing & Validation Group




NESCOR Program Structure
• Working groups populated by National Labs, Universities, and Subject Matter Experts
• Each WG collaborates with IOUs, Muni’s, Co-Ops, and ISOs
• Program advised by Industry Advisory Board composed of industry groups, federal agencies, and regulators
[Diagram: Threat and Vulnerability Assessment and Mitigation Group; Cyber Security Requirements and Standards Assessment Group; Cyber Security Technology Testing & Validation Group]
Technology Readiness Level
• Interoperability testing
• Developing vulnerability mitigations
• Testing emerging security technologies




NESCOR Program Structure
NESCOR seeds projects for the EPRI Cyber Security Program
• Solutions to current vulnerabilities
• Developing solutions for security gaps
• Transferring technology to industry
[Diagram: Threat and Vulnerability Assessment and Mitigation Group; Cyber Security Requirements and Standards Assessment Group; Cyber Security Technology Testing & Validation Group]
NESCOR Outreach
• Need representation from cyber security subject matter
  experts at IOUs, Municipals and Coops on the three technical
  working groups conference calls and technical deliberations
   – 90 minutes every other week on conference calls for each
     task group starting Mid April 2011
   – Background technical work to collect info and apply project
     results (5 – 10 hours per month)
• Populate the NESCOR Advisory Board with senior executives
  from various industry stakeholder groups for project direction
  setting
• Get the word out for increased collaboration
• Project Duration: October 2010 – September 2013

Questions?


Non-profit. Independent. Trusted.


Patrick C Miller
President and CEO
patrick@energysec.org
503-446-1212

Erfan Ibrahim, PhD
Technical Executive, NESCOR Lead
eibrahim@epri.com
925-785-5967



 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherEnergySec
 
What the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherWhat the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherEnergySec
 

More from EnergySec (20)

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
 
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
 
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
 
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityDaniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
 
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementLessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
 
Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWs
 
Wireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachWireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of Reach
 
Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network Architectures
 
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleNERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
 
Industrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsIndustrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With Scissors
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
 
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
 
Where Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueWhere Cyber Security Meets Operational Value
Where Cyber Security Meets Operational Value
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working Together
 
What the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherWhat the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each Other
 

Recently uploaded

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

NESCO/NESCOR Joint Overview

  • 1. National Electric Sector Cybersecurity Organization & Resource (NESCO/NESCOR) Joint Overview Patrick C Miller, President and CEO, EnergySec Erfan Ibrahim, PhD, Technical Executive, EPRI March 23 2011
  • 2. NESCO/NESCOR Partnership • EnergySec = National Electric Sector Cybersecurity Organization (NESCO) • EPRI = National Electric Sector Cybersecurity Organization Resource (NESCOR) The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program
  • 3. Complementary Programs
      NESCO (EnergySec):
        – Primary grant recipient; “EnergySec will form the organization to be known as NESCO”
        – Emphasis on information and resource sharing, collaboration, situational/tactical awareness, rapid notification, forensics and applied research
        – Asset owner participation is primary vehicle, supplemented by SME contractors
      NESCOR (EPRI):
        – R&D Partner; “EPRI led team will provide a research and analysis resource for NESCO to mitigate risks from imminent threats and vulnerabilities”
        – EPRI led team will harmonize cybersecurity requirements from NIST CSWG, DHS ICS JWG, NERC and OpenSG Utilisec and assess cybersecurity posture of standards and technologies (including lab testing)
        – EPRI led team includes 17 partners from research labs, academia and other SMEs
      Both organizations focus on near and long term issues
  • 4. NESCO/NESCOR Projects [Process diagram with numbered steps 1–8; step labels include Research Request, Project Summary, Project Approval, Project Estimate and Project Delivery. Other labels: Industry, Asset Owners, Government, NERC, Trade Orgs, Vendors, NESCO, Threat and Vulnerability Assessment and Mitigation Group, Cyber Security Tech. Testing & Validation Group, Cyber Security Requirements and Standards Assessment Group, Other research paths, Other industry projects]
  • 6. EnergySec History • 7/2004: EnergySec founded as E-Sec NW • 1/2008: SANS Information Sharing Award • 12/2008: Incorporated as EnergySec • 10/2009: 501(c)(3) nonprofit determination • 4/2010: EnergySec applied for National Electric Sector Cybersecurity Organization (NESCO) FOA • 7/2010: NESCO grant award from DOE • 10/2010: NESCO became operational
  • 7. EnergySec Membership Stats 547 members from 161 organizations US Nameplate Generation US Residential Distribution 74% 60%
  • 8. NESCO Background • Mission: Lead a broad-based, public-private partnership to improve electric sector energy systems cyber security • Goals: – Identify and disseminate common, effective cyber security practices – Analyze, monitor and relay infrastructure threat information – Focus cybersecurity research and development priorities – Work with federal agencies to improve electric sector cyber security – Encourage key electric sector supplier and vendor support / interaction
  • 9. Public-Private Perceptions • Government moves too slowly, over-classifies and narrowly distributes • Industry can’t protect the shared information and doesn’t respond appropriately • Lack of parity in degree and quality of information shared in both directions
  • 10. How Does This Work? • Sharing requires trust • Trust is built on relationships • NESCO fosters trustworthy relationships – Bringing people together – Flexible technology options to extend and enhance relationships – Organic growth; birds of a feather
  • 11. Support, Not Duplicate
  • 12. Collaboration Initiatives • What works, what doesn’t • Benchmarking • Situational (tactical) security awareness • Threat and vulnerability analysis • Shared/crowd-sourced resources (repository) • Mentoring
  • 13. NESCO Outreach • Annual Summit – October, San Diego • Town Hall Meetings – April 27, Austin • Voice Of The Industry Meetings • Interest Groups: – Open Source, Intrusion Detection, Forensics, Security Architecture, Workforce Development, Threat Assessment • Webinars, Briefings • Social media
  • 14. Technology Portfolio • Email distribution lists • Secure portal with forums • Secure instant messaging • Rapid notification mechanisms • Web collaboration • Resource repository • Most technologies have non-attribution (anonymous) options
  • 15. Resource Repository • Code snippets • IDS/attack signatures • Audit templates • Reference architectures • System configurations • Policy, process, procedure templates • Compliance practices • And more…
  • 17. NESCOR Background DOE issued a Funding Opportunity Notice (FOA DE 0000245) in April 2010 to establish the National Electric Sector Cyber Security Organization (NESCO) as a public private partnership to: – Evaluate cyber security posture for legacy systems – Evaluate deployability of emerging cyber security technologies – Collaborate and coordinate to identify cyber security requirements – Perform use case analysis for risk identification, assessment, and development of risk mitigation strategies – Develop cyber security best practices and metrics – Establish and operate a Cyber Incident Data Center (CIDC) An EPRI Led Team with Support from PDU Executive Committee Members Responded to DOE FOA
  • 18. NESCOR Team National/Commer Focus Areas cial Research Other Subject •Review NIST, DHS, NERC Labs Academia Matter Experts and other cyber security • Oak Ridge • University of • N-Dimension requirements and results National Lab Houston • Inguardians •Assess existing power • Sandia National • UCLA • Arc Technical system and cyber security Lab • UC Berkeley • EnerNex standards to meet the security requirements of • Idaho National • University of • Xanthus the power system Lab Minnesota Consulting • National Smart Grid International •Identify vulnerabilities, Renewable Consortium • TLI Inc (Texas develop risk mitigation strategies, best practices Energy Lab A&M and metrics in collaboration • Palo Alto University) with NESCO Research •Test security technologies Center in labs and pilot projects • SRI • Telcordia
  • 19. NESCOR Vision • Strategic focus: Provide a focal point for bringing together utilities, federal agencies, regulators, and researchers to address the electric sector security threats • Program objectives: – Develop risk mitigation strategies, best practices and metrics – Test security technologies in labs and pilot projects – Harmonize security requirements across bodies of work from DHS, NIST, NERC, etc. – Assess existing power system and cyber security standards to meet the security requirements of the power system
  • 20. NESCOR Program Structure EPRI will create and lead three working groups: – Threat and Vulnerability Assessment and Mitigation Group – Cyber Security Requirements and Standards Assessment Group – Cyber Security Technology Testing & Validation Group
  • 21. NESCOR Program Structure • Working groups populated by National Labs, Universities, and Subject Matter Experts • Each WG collaborates with IOUs, Muni’s, Co-Ops, and ISOs • Working groups: Threat and Vulnerability Assessment and Mitigation Group; Cyber Security Requirements and Standards Assessment Group; Cyber Security Technology Testing & Validation Group • Program advised by Industry Advisory Board composed of industry groups, federal agencies, and regulators
  • 22. Technology Readiness Level • Interoperability testing • Developing vulnerability mitigations • Testing emerging security technologies
  • 23. NESCOR Program Structure NESCOR seeds projects for the EPRI Cyber Security Program • Solutions to current vulnerabilities • Developing solutions for security gaps • Transferring technology to industry • Working groups: Threat and Vulnerability Assessment and Mitigation Group; Cyber Security Requirements and Standards Assessment Group; Cyber Security Technology Testing & Validation Group
  • 24. NESCOR Outreach • Need representation from cyber security subject matter experts at IOUs, Municipals and Coops on the three technical working groups’ conference calls and technical deliberations – 90 minutes every other week on conference calls for each task group starting mid-April 2011 – Background technical work to collect info and apply project results (5 – 10 hours per month) • Populate the NESCOR Advisory Board with senior executives from various industry stakeholder groups for project direction setting • Get the word out for increased collaboration • Project Duration: October 2010 – September 2013
  • 25. Questions? Non-profit. Independent. Trusted.
      – Patrick C Miller, President and CEO, patrick@energysec.org, 503-446-1212
      – Erfan Ibrahim, PhD, Technical Executive, NESCOR Lead, eibrahim@epri.com, 925-785-5967