update in nerc cip activities september 4, 2014

10

Update in NERC CIP Activities September 4, 2014

Upload: red

Post on 06-Jan-2016

124 views

Category:

Documents

1 download

Report

Download

Embed Size (px):

DESCRIPTION

Update in NERC CIP Activities September 4, 2014. Agenda. Update on CIP-014-1 Update on Revisions to CIP Version 5 -x Posting v6 Posting Questions. Key Dates: Project 2014-04 Physical Security (CIP-014-1). NOPR for FERC Approval IssuedJuly 17 Comments DueSept 8 - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Update in NERC CIP Activities September 4, 2014

Update in NERC CIP Activities

September 4, 2014

Page 2: Update in NERC CIP Activities September 4, 2014

2

• Update on CIP-014-1 • Update on Revisions to CIP Version 5

-x Posting v6 Posting

• Questions

Agenda

Page 3: Update in NERC CIP Activities September 4, 2014

• NOPR for FERC Approval Issued July 17 Comments Due Sept 8 Comment Responses Sept 22

• Adopted by NERC Board of Trustees May 13• Approved by Industry Final Ballot May 5• FERC Directive March 7

Key Dates: Project 2014-04 Physical Security (CIP-014-1)

Page 4: Update in NERC CIP Activities September 4, 2014

• CIP Standards Revisions 45-day comment period Sept 3 – Oct

17 Ballot Oct 8-17 Non-Binding Poll (VRF/VSL) Oct 8-17 RSAWs Sept 17** SDT meeting, Austin TX Oct 22-24 Final Ballot

Oct 31 – Nov 10**

**Expected date

Key DatesCIP-002 to CIP-011 Revisions

Page 5: Update in NERC CIP Activities September 4, 2014

• CIP-003-6 R2 for Low Impact Assets Requires implementation of one or more documented cyber security

plan(s) Attachment 1 includes required elements or options that may be

selected to address: o Cyber security o Physical access controlso Electronic access controlso Cyber Security Incident response

Attachment 2 includes detailed measures for demonstrating compliance Introduces 2 new definitions

o Low Impact BES Cyber System Electronic Access Points (LEAP)o Low Impact External Routable Connectivity (LERC)

Significant Changes to CIP-003-6

Page 6: Update in NERC CIP Activities September 4, 2014

• CIP-010-2 R4 for Transient Devices Requires implementation of one or more documented plan(s) Attachment 1 includes required elements or options that may be

selected to address: o Transient Cyber Asset(s) Owned or Managed by the Responsible Entityo Transient Cyber Asset(s) Owned or Managed by Vendors or Contractorso Removable Media

Attachment 2 includes detailed measures for demonstrating compliance Modifies 2 definitions, based on comments

o Transient Cyber Asset o Removable Media

Significant Changes to CIP-010-2

Page 7: Update in NERC CIP Activities September 4, 2014

• Single ballot for IAC language removal. These proposed standards will be version X for the ballot.

o CIP-003-X o CIP-004-X o CIP-007-X o CIP-010-X o CIP-011-X

• Separate ballots for language changes Low Impact Assets and Transient Devices.

o CIP-003-6o CIP-010-2o Definitions – Lowso Definitions – TDo IP-v6

CIP-002 to CIP-011 Revision Postings

Page 8: Update in NERC CIP Activities September 4, 2014

CIP-002 to CIP-011 Revision Postings

Page 9: Update in NERC CIP Activities September 4, 2014

9

Page 10: Update in NERC CIP Activities September 4, 2014

• Project 2014-02 CIP Standards Version 5 Revisions http://www.nerc.com/pa/Stand/Pages/Project-2014-XX-Critical-

Infrastructure-Protection-Version-5-Revisions.aspx

• Project 2014-04 Physical Security http://www.nerc.com/pa/Stand/Pages/Project-2014-04-Physical-

Security.aspx

References

http://www.nerc.com/pa/Stand/Pages/Project-2014-XX-Critical-Infrastructure-Protection-Version-5-Revisions.aspx

Cisco NERC CIP v5 Compliance · PDF fileCisco NERC CIP v5 Compliance Solutions ... Although NERC CIP does not yet address virtualization, Cisco has developed virtual security

Automating for NERC CIP-007-5-R1

NERC CIP Compliance Application - Midwest Reliability Organization

nerc cip u - Broadcom Inc. › ... › ESM › NERC › nerc_cip_win.pdfBaseline Policy Manual for NERC CIP(Windows) The software that is described in this document is furnished under

NERC CIP -1, -2 and -3: A Comparison - NERC CIP Version 6 ... · PDF fileNERC CIP Standards Comparison: -1 to -2 Standard v1 Req Number v1 Requirement Did the requirement change? v2

Software Supply Chain Risks and Mitigations for NERC CIP

NERC CI P VERSI ON 6 - RedSeal Datasheets/NERC CIP... · NERC CIP VERSION 6 C OMPLIAN CE COMPLIANCE Dec 2017 2 REDSEAL AND FEDERAL GOVERNMENT CYBERSECURITY RedSeal …

CIP-014 - Home - FRCC Home & CIP-006 Threat Vulnerability ... (reference NERC CIP-014, page 9) NERC Visit •NERC SRP and NERC Physical Security Group representative and FRCC team

NERC CIP Version 6 - emmos.orgemmos.org/prevconf/2017/9. NERC CIP6 - Ron Koziy.pdf · NERC CIP Version 6 - Robert Koziy Director – Cyber Security Compliance Open Systems International

NERC CIP Vulnerability Assessment Report · 2019. 10. 15. · NERC CIP Vulnerability Assessment Report Report Generated: November 14, 2011 1.0 Background NERC introduced its Critical

109745672 NERC CIP Compliance Matrix ROS ... - Siemens · PDF fileWarranty and Liability NERC CIP Compliance Matrix of RUGGEDCOM ROS Operating System Entry-ID: 109745672, 1.0, 03/2017

Update in NERC CIP Activities June 5, 2014

NERC Critical Infrastructure Protection Advisory Group (CIP AG)

NERC - CIP (rev2)

Explore the Implicit Requirements of the NERC CIP RSAWs

NERC Physical Security Standard CIP-014-1

Rapid7 NERC-CIP Compliance Guide

NERC CIP Tools and Techniques - EPRIsmartgrid.epri.com/doc/NERC CIP Tools and... · NERC CIP Tools and Techniques Supplemental Project - Introduction Webcast Scott Sternfeld, Project

ABB NERC CIP · PDF file · 2015-05-25abb nerc cip v5 special interest group low asset discussion and future cip versions & compliance activity november 5, 2014

NERC CIP Information Protection - StarChapter...NERC CIP Information Protection 1 Eric Ruskamp Manager, Regulatory Compliance September 13, 2017 Agenda NERC History NERC Compliance

Successful NERC CIP Compliance - Robert Hoopes, PPL Corporation

Structured NERC CIP Process Improvement Using Six Sigma

WhitePaper_MPLS and NERC CIP Compliance BellLab

Top 10 NERC CIP Transition Challenges

QoS and NERC CIP Compliance

NERC CIP Vulnerability Assessment Report - SAINT · PDF fileNERC CIP Vulnerability Assessment Report Report Generated: December 14, 2015 1 Background NERC introduced its Critical Infrastructure

NERC CIPC Chair Report Highlights... · NERC presented draft RSAWs for CIP -002, CIP -007, and CIP -009 to the ... Part 2.5 – Cyber Security Incident response plan(s) Part 2.6 –

NERC CIP: Fundamental Security Requirements of an ... | NERC CIP Requirements Mapping to ConsoleWorks | Page 2 of 12 CIP-002 Cyber Security - Critical Cyber Asset Identification

PSE RINGORANG NERC CIP PROJECT FINAL REPORT · PDF fileFinal Report - PSE Ringorang NERC CIP Tournaments_v0 4_draft-hy 20110830 (2) Page 8 of 72CONTACT: [email protected]

NERC Critical Infrastructure Department (CID) and CIP … · NERC Critical Infrastructure Department (CID) and CIP Compliance Update February 28, 2011 . 2 NERC is a compliance organization…

NERC CIP · 2 days ago · SANS ICS | sans.org/ ics Critical Infrastructure Protection CIP Best Of

NERC CIP RELIABILITY STANDARDS

Basin Electric NERC CIP Program - UMN CCAPS · The NERC Critical Infrastructure Protection (CIP) standards provide requirements to protect the bulk power system from cyber and physical

NERC CIP Course Catalog - CMMC Training for Federal

How we support our customers with NERC CIP - SANS · PDF fileHow we support our customers with NERC CIP James McQuiggan, CISSP