critical infrastructure protection committee report to nerc standing committees in joint session
DESCRIPTION
Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session. Long Beach, CA March 2005. Public Release. Topics. Cyber Security Standard CIP-001-009 Larry Bugh Government – Private Sector coordination Pat Laird - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/1.jpg)
Critical Infrastructure Protection Committee Report to
NERC Standing Committeesin Joint Session
Long Beach, CA
March 2005
Public Release
![Page 2: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/2.jpg)
2
Topics Cyber Security Standard CIP-001-009
Larry Bugh Government – Private Sector coordination
Pat Laird National Infrastructure Protection Plan
Jim McGlone National Response Plan
Jim McGlone Electricity Sector Info Sharing Analysis Center
Lou Leffler
![Page 3: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/3.jpg)
3
Cyber Security Standard CIP-001-009
● 61 sets of comments on Draft 2 DT met Mar. 3/4 to review 2 Tech Editors now on board
● DT meets again Mar. 21/22 Review total package Finalize Draft 3 Finalize draft 2 Implementation Plan
![Page 4: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/4.jpg)
4
Cyber Security Standard CIP-001-009
● Major Areas of work Refine definitions Resolve consistency Match Requirements & measures Extend Implementation Plan
● Anticipate posting Draft 3 Apr. 15th
![Page 5: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/5.jpg)
5
Government – Private Sector Coordination
● Homeland Security Presidential Directive – 7
● Department of Homeland Security
● Sector Specific Agencies Energy: Department of Energy
● Private Sectors
● National Infrastructure Protection Plan
(Work in process)
![Page 6: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/6.jpg)
![Page 7: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/7.jpg)
7
Electricity Sector Coordinating Council
● CIP Committee Executive Committee
● President / CEO NERC
● Presented to DHS; awaiting expected affirmation
![Page 8: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/8.jpg)
National Infrastructure Protection PlanNIPP
Jim McGlone
Department of Energy
![Page 9: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/9.jpg)
National Response PlanNRP
Jim McGlone
Department of Energy
![Page 10: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/10.jpg)
http://www.esisac.com
![Page 11: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/11.jpg)
http://www. isaccouncil.org
![Page 12: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/12.jpg)
12
Communications
Threat Advisory Listserv (TAL) Critical Infrastructure Protection
Information System (CIPIS) Homeland Security Information Network
(under development) US-CERT Portal Telephone and conference calls GETS
![Page 13: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/13.jpg)
13
![Page 14: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/14.jpg)
REPORT INCIDENTS TO 1. LOCAL LAW ENFORCEMENT (Establish and maintain relationship.)
2. LOCAL FBI, PSEPC, RCMP, USSS (Establish and maintain relationship.)
3. ESISAC secure messaging: https://www.nerc.net/cip email: [email protected] tel: 609-452-1422 (anytime) fax: 609-452-9550 (day)
4. National Infrastructure Coordination Center (DHS IAIP) secure messaging: https://www.nerc.net/cip email: [email protected] tel: 202-282-9201 fax: 703-487-3570
14
![Page 15: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/15.jpg)
15
Reports:
● From the ES,
● Together with other critical infrastructures,
● And intelligence sources:
May help the DHS to:
![Page 16: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/16.jpg)
16
1. Does the ESISAC have your 24x7 contact? Are there multiple contact points and communications available?
2. Is a security decision-making process in place?3. How will your organization’s physical and cyber
security decision-makers get notified? Are there backup communications?
4. Is there a means in place to communicate decisions to action-takers? A backup?
5. Consider responses in accordance with the “Threat Alert Systems and Physical / Cyber Response Guidelines for the Electricity Sector”.
Some Things to Think About
![Page 17: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.mx/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/17.jpg)
17
Activities
● Back Up Location for ESISAC
● Telecommunications Electric Service Priority (TESP) program
● TopOff – 3
TY