Presented by PAS and NovaTech
July 2013
Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver. 5 Compliance
AGENDA
• Group Introductions
• Agenda
• Review CIP V5 Requirements
• Discussion of current practices in generation plants and substations
– Inventory
– Configuration management
– Change management
• Case Study of Southern Co.
• Panel impressions
• Questions – General Discussion
Introductions
• Richard Powell – Manager Cyber Security Solutions - PAS
– CISSP, CISA
– Business development for cyber security
– Head of cyber security consulting for a leading CIP consulting group
– Head of security and compliance for a large municipal utility
• Kevin Johnson – V.P. Business Development – NovaTech
– Member of Executive Management Team
– Strategic Initiatives & Emerging Technologies
– Southeast Utilities Regional Manager
Future NERC CIP Standards
NERC CIP Version 4 (approved 4/19/2012)
Effective date 4/1/2014
Critical generating assets:
o 1500MW power in a single interconnection
o 1000MVAR reactive power in a single interconnection
o “Reliability Must Run” units
o “Black start” units
NERC CIP Version 5 (Submitted to FERC 1/31/2013)
• Impact Categorization, instead of Critical Assets
• New process is introduced in proposed CIP-002-05 for identifying and classifying BES Cyber Systems according to “Low-Medium-High” impact
• Two new standards
– 010 - Configuration Management and Vulnerability Assessments
– 011 – Information Protection
• Routable and non-Routable Protocols
• Remote Access
• Malicious Code Prevention.
CIP 002-011 (Version 5): Overview
NERC CIP CYBER SECURITY STANDARDS Version 5
Ten Standards / 43 Requirements
• CIP-002 – CRITICAL CYBER ASSETS
– 1. LOW, MEDIUM, HIGH CRITERIA
– 2. 15-MONTH REVIEW
• CIP-003 – SECURITY MANAGEMENT CONTROLS
– 1. CYBER SECURITY POLICY FOR HIGH/MEDIUM
– 2. CYBER SECURITY POLICY FOR LOW
– 3. LEADERSHIP
– 4. DOCUMENT DELEGATES
• CIP-004 – PERSONNEL AND TRAINING
– 1. AWARENESS
– 2. TRAINING
– 3. PERSONNEL RISK ASSESSMENT
– 4. ACCESS
– 5. ACCESS REVOCATION PROGRAM
• CIP-005 – ELECTRONIC SECURITY
– 1. ELECTRONIC SECURITY PERIMETER
– 2. REMOTE ACCESS MANAGEMENT
• CIP-006 – PHYSICAL SECURITY
– 1. PLAN
– 2. VISITOR CONTROL PLAN
– 3. MAINTENANCE AND TESTING
• CIP-007 – SYSTEMS SECURITY MANAGEMENT
– 1. PORTS AND SERVICES
– 2. SECURITY PATCH MANAGEMENT
– 3. MALICIOUS CODE PREVENTION
– 4. SECURITY EVENT MONITORING
– 5. SYSTEM ACCESS CONTROLS
• CIP-008 – INCIDENT REPORTING AND RESPONSE PLANNING
– 1. CYBER SECURITY INCIDENT RESPONSE PLAN
– 2. IMPLEMENTATION AND TESTING OF CYBER SECURITY INCIDENT RESPONSE PLANS
– 3. CYBER SECURITY INCIDENT RESPONSE PLAN REVIEW
• CIP-009 – RECOVERY PLANS FOR BES CYBER ASSETS
– 1. RECOVERY PLANS
– 2. RECOVERY PLAN IMPLEMENTATION AND TESTING
– 3. RECOVERY PLAN REVIEW, UPDATE, AND COMMUNICATION
• CIP-010 – CONFIG. CHANGE & VULN. ASSESS.
– 1. CONFIGURATION CHANGE MANAGEMENT PROCESS
– 2. CONFIGURATION MONITORING
– 3. VULNERABILITY ASSESSMENTS
• CIP-011 – INFORMATION PROTECTION
– 1. INFORMATION PROTECTION PROCESS
– 2. BES CYBER ASSET REUSE AND DISPOSAL
Source: NERC (www.nerc.com)
CIP = Critical Infrastructure Protection.
NERC = North American Electric Reliability Corporation.
BES = Bulk Electric System
Panel Discussion
Question: What do you see as the major challenges at your Utility in complying with Version 5 especially related to the above as defined in CIP 7 & 10?
Development and Implementation of a NERC CIP Compliance Program can involve many functions of an organization including Operations, Administration, IT, etc.
Question: What steps has your company taken to date to prepare for Version 5 compliance related to personnel?
• Staffing
• Training
Follow-up Question: Has your organization considered the financial and resource implications associated with the data mining and management associated with the Inventory Development of the installed assets? If so, what measures?
Panel Discussion
• Most companies have a number of disparate cyber assets in the form of:
– Hardware (Controllers, PLCs, etc.)
– Application Versions
– Ports/Services
– Firmware Versions
– User Accounts
– Configuration Setpoints
Question: How is your company currently addressing these?
Follow-up: Can you see an advantage in Leveraging Technology to Enhance Security, Reliability, NERC-CIP Ver. 5 Compliance?
The Southern Company
Herding Cats (Even Friendly Ones) is fun
Emerson (DCS)
Foxboro (DCS)
ABB (DCS)
GE Mark VI
Siemens (TCS)
Schweitzer (Relay)
RTU
Allen Bradley (PLC)
GE Fanuc (PLC)
GE Bently Nevada
AspenTech
Spectrum (CEMS)
Siemens (EMS)
Woodward (TCS)
Cisco (Control Networks)
Yokogawa
Modicon (PLC)
Metso (DCS)
Mitsubishi (TCS)
Toshiba (TCS)
Approved List
NERC Device Properties (i.e.,
TFE, CCA Blackstart MWs etc )
Backup and Storage Sched.
Password Management Schedule
Database
Integrity & Orion
IIS
Plant IT
Infrastructure
OPC Servers
DCS Terminals
/Servers
Process Historians
Routers/ Switches
Network Users and
Groups
Automation
Infrastructure
Manual Data
Integrity Essentials
Integrity Recon
Integrity Inventory
Integrity iMOC
NERC CIPs Solution
From Generation to Substation to the Enterprise
Automation
Systems
DCSs, PLCs,
Historians,
Instrument Databases,
IEDs, etc.
Integrity System Architecture Overview
INPUTS
ASSET INVENTORY
CYBER ASSET INVENTORY
CONTROL DEVICE DATA (WMIC)
AUTHORIZED USER LIST
APPROVED OS PATCHES
APPROVED VENDOR PATCHES
APPROVED DEVICE PORTS
APPROVED ANTI-VIRUS DEF.’s
BACKUP AND STORAGE SCHED.
PASSWORD MGT. SCHEDULE
SYSTEM LOGS
REPORTING
SECURITY PATCH MGT.
ACCOUNT MANAGEMENT
MALICIOUS SOFTWARE
DEVICE DISCOVERY
CUSTOM USER REPORTS
COMPLIANCE REPORTS
MOC REPORTS
SYSTEM ALERT STATUS
PSP – ASSET REPORT
ESP – ASSET REPORT
Integrity Inventory
•Ports
•Services
•Patches
•Applications
•Events
•Other Stuff
Security Configuration Management
• Common Operating Environment (COE)
• Configuration Baselines
• COEs specify
– Allowed installed software and their versions
– Allowed hardware configurations
– Patches
– Ports/Services
– User access privileges
Change Management - iMOC™
• 3rd Generation MOC workflow application
– Designed specifically for automation systems
– Built upon Integrity framework
– Leverages Web 2.0 technologies to facilitate information push & collaboration with other applications
• Intelligent platform
– Creates searchable documentation
• Identifies all links and places-used
• Improves discovery
– Embeds checklists
– Approval routing and documentation
– Provides links to critical information
– Automatically reconciles changes
• Work flow is customizable to fit existing change management processes
Reporting:
REPORTS
SECURITY PATCH MGT.
ACCOUNT MANAGEMENT
MALICIOUS SOFTWARE
DEVICE DISCOVERY
CUSTOM USER REPORTS
COMPLIANCE REPORTS
MOC REPORTS
SYSTEM ALERT STATUS
PSP – ASSET REPORT
ESP – ASSET REPORT
DASHBOARD
INVENTORY
UN-RECONCILED CHANGES
PORTS & SERVICES
SECURITY PATCH MANAGEMENT
ANTIVIRUS MANAGEMENT
PASSWORD MANAGEMENT
MEDIA DISPOSAL MANAGEMENT
BACKUP & STORAGE
NERC ALERTS
LISTINGS
ASSET INVENTORY
CYBER ASSET INVENTORY
CONTROL DEVICE DATA (WMIC)
AUTHORIZED USER LIST
APPROVED OS PATCHES
APPROVED VENDOR PATCHES
APPROVED DEVICE PORTS
APPROVED ANTI-VIRUS DEF.’s
BACKUP AND STORAGE SCHED.
PASSWORD MGT. SCHEDULE
SYSTEM LOGS
Proposed Orion-Integrity Architecture
[Architecture diagram; labelled components:]
• Active Directory Server
• RSA
• PAS Integrity Server
• Generation Electronic Security Perimeter (ESP)
• Substation Electronic Security Perimeter (ESP)
• ESP/Jump Server
• OrionLX - SCP
• OrionLX - RCP
• RTU
• Protective Relay
• Broadband Connection
• DCS
• PLC
Servers can be physical or virtual
Substation Inventory
Relay Configuration Capture
NovaTech Connection Manager
NovaTech Connection Manager (Server Style)
IED Software (e.g. AcSELerator)
NovaTech Connection Manager
• Virtual Serial Port for serial based configuration software
Users
Windows based
Connection
Manager PC 
Server
Remote access to server
Identity Management Server
Secure connection agent runs in the OrionLX
Summary – Tying It All Together
• Asset Management
• Common Operating Environment
• Data Aggregation
• Secure Access
• Enhanced Reliability
• Risk / Threat Management
• Validation
• Compliance
Questions??
Kevin Johnson
570-498-4409
Kevin.johnson@novatechweb.com
Rich Powell
904-651-5622
rpowell@pas.com

Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Dernier (20)

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compliance by PAS and NovaTech

  • 1. Presented by PAS and NovaTech July 2013 Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver. 5 Compliance
  • 2. AGENDA • Group Introductions • Agenda • Review CIP V5 Requirements • Discussion of current practices in generation plants and substations – Inventory – Configuration management – Change management • Case Study of Southern Co. • Panel impressions • Questions – General Discussion
  • 3. Introductions • Richard Powell – Manager Cyber Security Solutions - PAS – CISSP, CISA – Business development for cyber security – Head of cyber security consulting for a leading CIP consulting group – Head of security and compliance for a large municipal utility • Kevin Johnson – V.P. Business Development – NovaTech – Member of Executive Management Team – Strategic Initiatives & Emerging Technologies – Southeast Utilities Regional Manager
  • 4. Future NERC CIP Standards. NERC CIP Version 4 (approved 4/19/2012), effective date 4/1/2014. Critical generating assets: 1500MW power in a single interconnection; 1000MVAR reactive power in a single interconnection; “Reliability Must Run” units; “Black start” units. NERC CIP Version 5 (submitted to FERC 1/31/2013): • Impact Categorization, instead of Critical Assets • New process is introduced in proposed CIP-002-05 for identifying and classifying BES Cyber Systems according to “Low-Medium-High” impact • Two new standards – 010 - Configuration Management and Vulnerability Assessments – 011 – Information Protection • Routable and non-Routable Protocols • Remote Access • Malicious Code Prevention.
  • 5. CIP 002-011 (Version 5): Overview. NERC CIP CYBER SECURITY STANDARDS Version 5: Ten Standards / 43 Requirements
      – CIP-002 CRITICAL CYBER ASSETS: 1. LOW, MEDIUM, HIGH CRITERIA 2. 15-MONTH REVIEW
      – CIP-003 SECURITY MANAGEMENT CONTROLS: 1. CYBER SECURITY POLICY FOR HIGH/MEDIUM 2. CYBER SECURITY POLICY FOR LOW 3. LEADERSHIP 4. DOCUMENT DELEGATES
      – CIP-004 PERSONNEL AND TRAINING: 1. AWARENESS 2. TRAINING 3. PERSONNEL RISK ASSESSMENT 4. ACCESS 5. ACCESS REVOCATION PROGRAM
      – CIP-005 ELECTRONIC SECURITY: 1. ELECTRONIC SECURITY PERIMETER 2. REMOTE ACCESS MANAGEMENT
      – CIP-006 PHYSICAL SECURITY: 1. PLAN 2. VISITOR CONTROL PLAN 3. MAINTENANCE AND TESTING
      – CIP-007 SYSTEMS SECURITY MANAGEMENT: 1. PORTS AND SERVICES 2. SECURITY PATCH MANAGEMENT 3. MALICIOUS CODE PREVENTION 4. SECURITY EVENT MONITORING 5. SYSTEM ACCESS CONTROLS
      – CIP-008 INCIDENT REPORTING AND RESPONSE PLANNING: 1. CYBER SECURITY INCIDENT RESPONSE PLAN 2. IMPLEMENTATION AND TESTING OF CYBER SECURITY INCIDENT RESPONSE PLANS 3. CYBER SECURITY INCIDENT RESPONSE PLAN REVIEW
      – CIP-009 RECOVERY PLANS FOR BES CYBER ASSETS: 1. RECOVERY PLANS 2. RECOVERY PLAN IMPLEMENTATION AND TESTING 3. RECOVERY PLAN REVIEW, UPDATE, AND COMMUNICATION
      – CIP-010 CONFIG. CHANGE & VULN. ASSESS.: 1. CONFIGURATION CHANGE MANAGEMENT PROCESS 2. CONFIGURATION MONITORING 3. VULNERABILITY ASSESSMENTS
      – CIP-011 INFORMATION PROTECTION: 1. INFORMATION PROTECTION PROCESS 2. BES CYBER ASSET REUSE AND DISPOSAL
      Source: NERC (www.nerc.com). CIP = Critical Infrastructure Protection. NERC = North American Electric Reliability Corporation. BES = Bulk Electric System.
  • 6. Panel Discussion Question: What do you see as the major challenges at your Utility in complying with Version 5, especially related to the above as defined in CIP 7 & 10? Development and Implementation of a NERC CIP Compliance Program can involve many functions of an organization including Operations, Administration, IT, etc. Question: What steps has your company taken to date to prepare for Version 5 compliance related to personnel? • Staffing • Training Follow-up Question: Has your organization considered the financial and resource implications associated with the data mining and management associated with the Inventory Development of the installed assets? And if so, what measures?
  • 7. Panel Discussion Most companies have a number of disparate cyber assets in the form of: – Hardware (Controllers, PLC’s etc.) – Application Versions – Ports/Services – Firmware Versions – User Accounts – Configuration Setpoints Question: How is your company currently addressing these? Follow-up: Can you see an advantage in Leveraging Technology to Enhance Security, Reliability, NERC-CIP Ver. 5 Compliance?
  • 8. #ptc2013 | 8 The Southern Company
  • 9. Herding Cats (Even Friendly Ones) is fun: Emerson (DCS), Foxboro (DCS), ABB (DCS), GE Mark VI, Siemens (TCS), Schweitzer (Relay), RTU, Allen Bradley (PLC), GE Fanuc (PLC), GE Bently Nevada, AspenTech, Spectrum (CEMS), Siemens (EMS), Woodward (TCS), Cisco (Control Networks), Yokogawa, Modicon (PLC), Metso (DCS), Mitsubishi (TCS), Toshiba (TCS)
  • 10. Approved List NERC Device Properties (i.e., TFE, CCA Blackstart MWs etc ) Backup and Storage Sched. Password Management Schedule Database Integrity & Orion IIS Plant IT Infrastructure OPC Servers DCS Terminals /Servers Process Historians Routers/ Switches Network Users and Groups Automation Infrastructure Manual Data Integrity Essentials Integrity Recon Integrity Inventory Integrity iMOC NERC CIPs Solution From Generation to Substation to the Enterprise Automation Systems DCSs, PLCs, Historians, Instrument Databases, IEDs, etc.
  • 11. Integrity System Architecture Overview. INPUTS: ASSET INVENTORY; CYBER ASSET INVENTORY; CONTROL DEVICE DATA (WMIC); AUTHORIZED USER LIST; APPROVED OS PATCHES; APPROVED VENDOR PATCHES; APPROVED DEVICE PORTS; APPROVED ANTI-VIRUS DEF.’s; BACKUP AND STORAGE SCHED.; PASSWORD MGT. SCHEDULE; SYSTEM LOGS. REPORTING: SECURITY PATCH MGT.; ACCOUNT MANAGEMENT; MALICIOUS SOFTWARE; DEVICE DISCOVERY; CUSTOM USER REPORTS; COMPLIANCE REPORTS; MOC REPORTS; SYSTEM ALERT STATUS; PSP – ASSET REPORT; ESP – ASSET REPORT
  • 13. Security Configuration Management • Common Operating Environment (COE) • Configuration Baselines • COEs specify – Allowed installed software and their versions – Allowed hardware configurations – Patches – Ports/Services – User access privileges
  • 14. Change Management - iMOC™ • 3rd Generation MOC workflow application – Designed specifically for automation systems – Built upon Integrity framework – Leverages Web 2.0 technologies to facilitate information push & collaboration with other applications • Intelligent platform – Creates searchable documentation • Identifies all links and places-used • Improves discovery – Embeds checklists – Approval routing and documentation – Provides links to critical information – Automatically reconciles changes • Work flow is customizable to fit existing change management processes
  • 15. Reporting. REPORTS: SECURITY PATCH MGT.; ACCOUNT MANAGEMENT; MALICIOUS SOFTWARE; DEVICE DISCOVERY; CUSTOM USER REPORTS; COMPLIANCE REPORTS; MOC REPORTS; SYSTEM ALERT STATUS; PSP – ASSET REPORT; ESP – ASSET REPORT. DASHBOARD: INVENTORY; UN-RECONCILED CHANGES; PORTS & SERVICES; SECURITY PATCH MANAGEMENT; ANTIVIRUS MANAGEMENT; PASSWORD MANAGEMENT; MEDIA DISPOSAL MANAGEMENT; BACKUP & STORAGE; NERC ALERTS. LISTINGS: ASSET INVENTORY; CYBER ASSET INVENTORY; CONTROL DEVICE DATA (WMIC); AUTHORIZED USER LIST; APPROVED OS PATCHES; APPROVED VENDOR PATCHES; APPROVED DEVICE PORTS; APPROVED ANTI-VIRUS DEF.’s; BACKUP AND STORAGE SCHED.; PASSWORD MGT. SCHEDULE; SYSTEM LOGS
  • 16. Proposed Orion-Integrity Architecture Active Directory Server RSA PAS Integrity Server Generation Electronic Security Perimeter (ESP) Substation Electronic Security Perimeter (ESP) ESP/Jump Server OrionLX - SCP OrionLX - RCP RTU Protective Relay Protective Relay Broadband Connection RTU DCS PLC PLC Servers can be physical or virtual
  • 20. NovaTech Connection Manager (Server Style) IED Software (e.g. AcSELerator) NovaTech Connection Manager • Virtual Serial Port for serial based configuration software Users Windows based Connection Manager PC Server Remote access to server Identity Management Server Secure connection agent runs in the OrionLX
  • 21. Summary – Tying It All Together • Asset Management • Common Operating Environment • Data Aggregation • Secure Access • Enhanced Reliability • Risk / Threat Management • Validation • Compliance

Editor's notes

  1. V5 is potentially a mixed blessing over V4. Possibly fewer things to do to more assets.
  2. We know that good Cyber Security standards under Version 5 would suggest that companies implement the following practices for their critical cyber assets: Inventory of Critical Assets; Configuration Management & Baseline identification; Management of Change. Aug 8, 2013
  3. Looking at this map, imagine a world with one common control system platform, all hardware and software running at the same rev. level, running the same logic and configuration that never changes,
  4. That is not my world! If you are a supplier to the Electric Utility Industry, please don’t be offended if your name does not show up on this map, I am fairly certain we use your stuff also. As you might imagine, trying to maintain accurate asset inventories, implement effective management of change processes, and ensuring consistent cyber security policies and practices is quite a challenge in the robustly diverse environment we find ourselves in. As daunting as this challenge is, you are often reminded in life that things can get more interesting. As we all know, our world is changing. Technology is evolving. Some of our ideas to embrace “open” systems, and improve “connectivity” seemed like such worthy goals at the time. As it turns out, fixing some of these problems is easier than proving that you did. We realized that we needed good policies, good processes, good people, and good plans to meet these requirements. Our early experience demonstrated that reliance on too many manual tools and processes allowed for unacceptable compliance risk.
  5. Illustrates the automation data that feeds CSI, how the raw data is transformed into normalized control information, and the types of information available to the end user. Data input: Raw Automation Data from plant control systems, 2 Terabytes once a week. Asset models: Normalize raw automation data from different control system types. Normalized data can then be compared against the fleet. Information Output: Compliance Dashboards, Asset Inventory Reports, Compliance Variance Reports, and custom queries.
  6. First generation was paper-based systems. Second generation was “electronification” of paper-based systems. The third generation uses Web 2.0 technologies to simplify the MOC process. It can push approvals to the appropriate approver at the moment that the approval is ready. An intelligent, 3rd generation MOC application designed specifically for the unique challenges of automation systems. Leverages Web 2.0 technologies and the capabilities of the Integrity Software and Integrity Recon to enable users to: define and implement an efficient and easy to use management of change process for their entire automation system; detect and report all changes made to their automation systems; reconcile all detected changes with the specific MOC cases that authorized them; automatically report unreconciled MOC cases.
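
The baseline-and-reconcile workflow the slides describe (a COE baseline listing allowed software versions, patches, ports/services and accounts; detect changes, reconcile them against the MOC cases that authorized them, report what is left over), sketched as an added Python example. It is not code from PAS Integrity, iMOC or NovaTech; the data layout, asset name, package names, patch ids and MOC case ids are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: every name and id below is hypothetical.
COE_BASELINE = {
    "software": {"hmi-runtime": "4.2.1", "historian-agent": "2.0.3"},
    "patches": {"PATCH-001", "PATCH-002"},
    "ports": {"tcp/443", "tcp/502"},
    "accounts": {"operator", "engineer"},
}
OBSERVED = {
    "dcs-hmi-01": {
        "software": {"hmi-runtime": "4.3.0", "historian-agent": "2.0.3",
                     "remote-desktop-tool": "1.0"},
        "patches": {"PATCH-001", "PATCH-002", "PATCH-003"},
        "ports": {"tcp/443", "tcp/502", "tcp/3389"},
        "accounts": {"operator", "engineer", "vendor-temp"},
    }
}
MOC_CASES = [
    {"id": "MOC-1001", "asset": "dcs-hmi-01", "category": "software",
     "item": "hmi-runtime", "status": "approved"},
    {"id": "MOC-1002", "asset": "dcs-hmi-01", "category": "patches",
     "item": "PATCH-003", "status": "approved"},
    {"id": "MOC-1003", "asset": "dcs-hmi-01", "category": "accounts",
     "item": "vendor-temp", "status": "pending"},   # not yet authorized
    {"id": "MOC-1004", "asset": "dcs-hmi-01", "category": "ports",
     "item": "tcp/8443", "status": "approved"},     # approved, never observed
]


@dataclass(frozen=True)
class Change:
    asset: str
    category: str
    item: str
    expected: Optional[str]   # value in the baseline, None if not allowed
    observed: Optional[str]   # value found on the asset, None if missing


def detect_changes(asset, baseline, observed):
    """Return every deviation of one asset's observed state from the baseline."""
    changes = []
    for category, expected in baseline.items():
        if isinstance(expected, dict):            # name -> required version
            actual = observed.get(category, {})
            for name in sorted(expected.keys() | actual.keys()):
                if expected.get(name) != actual.get(name):
                    changes.append(Change(asset, category, name,
                                          expected.get(name), actual.get(name)))
        else:                                     # plain allow-list
            actual = set(observed.get(category, ()))
            for item in sorted(expected ^ actual):
                changes.append(Change(asset, category, item,
                                      item if item in expected else None,
                                      item if item in actual else None))
    return changes


def reconcile(changes, moc_cases):
    """Match detected changes to approved MOC cases.

    Returns (reconciled, unreconciled, open_cases): changes with their
    authorizing case id, changes nobody authorized, and approved cases
    for which no change was observed.
    """
    approved = {(c["asset"], c["category"], c["item"]): c["id"]
                for c in moc_cases if c["status"] == "approved"}
    reconciled, unreconciled, used = [], [], set()
    for ch in changes:
        case_id = approved.get((ch.asset, ch.category, ch.item))
        if case_id is None:
            unreconciled.append(ch)
        else:
            reconciled.append((ch, case_id))
            used.add(case_id)
    open_cases = sorted(set(approved.values()) - used)
    return reconciled, unreconciled, open_cases


if __name__ == "__main__":
    found = detect_changes("dcs-hmi-01", COE_BASELINE, OBSERVED["dcs-hmi-01"])
    ok, bad, still_open = reconcile(found, MOC_CASES)
    for ch, case_id in ok:
        print(f"RECONCILED   {ch.category}/{ch.item} by {case_id}")
    for ch in bad:
        print(f"UNRECONCILED {ch.category}/{ch.item}: "
              f"expected={ch.expected} observed={ch.observed}")
    print("Approved MOC cases with no observed change:", still_open)
```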