
CIPGuard™—the NERC CIP Solution

Nexant's NERC CIP Compliance Assessment & Delivery System



The North American Electric Reliability Council (NERC) has produced a set of standards known as the Critical Infrastructure Protection (CIP) Reliability Standards. These regulations were developed over more than five years in direct response to exposures seen in the security, and in particular the cyber security, of US energy facilities.

Nexant—together with its partner Promia Incorporated—addresses all of the key compliance issues associated with these important standards via CIPGuard™, its unique NERC CIP compliance and delivery system. Promia is a leading cyber security company that uses a combination of proven security appliances and an advanced set of audit tools. CIPGuard harnesses this technology to provide maximum support to energy companies in achieving and maintaining compliance with NERC CIP Reliability Standards.

Overview of NERC CIP Reliability Standards
Standards CIP-002 through CIP-009 provide a cyber security framework for the identification and protection of cyber assets that are critical to the reliable operation of the bulk electric system. These standards recognize the differing roles of each entity in the operation of the bulk electric system, the criticality and vulnerability of the cyber assets needed to manage bulk electric system reliability, and the risks to which they are exposed. Responsible entities must apply Standards CIP-002 through CIP-009 using sound risk analysis methodology. These standards are based on previous security research from the National Institute of Standards and Technology (NIST), which has been working closely with the NSA and the Department of Defense for many years in this area.

Business and operational demands for managing and maintaining a reliable bulk electric system increasingly rely on cyber assets that support critical reliability functions and processes, communicating with each other across functions and organizations for services and data. Such cyber assets are under ever-increasing risk.

The CIP standards represent a baseline of best practices for maintaining the company, the network, and the cyber assets of any power facility. They include personnel training, physical site layout and protection, physical and logical layout of cyber assets, and the daily operation and monitoring of the various components.

Nexant CIP compliance services support energy asset owners in meeting CIP standards by providing risk analysis, operational monitoring and management, electronic perimeter monitoring, security breach reporting, sabotage alerting, activity logging, distributed reporting, asset identification, and training as they relate to cyber assets and cyber activity. Nexant CIP services also include overall threat assessment, threat mitigation and threat management procedures.

CIPGuard Features Promia's Raven Technology
For networked environments that are subject to security risks and regulatory compliance requirements, our CIPGuard services leverage the Nexant team of experienced, hands-on utility operations experts to support the design and implementation of robust information operations and security monitoring and management. We deliver on this objective using Promia's proprietary Raven™ family of network appliance products, which automate the most time-intensive requirements of the CIP standards, including 100% automation of critical cyber asset identification and all network activity logs. Promia Raven appliances feature the Raven Asset Viewer, which gives network operators a real-time, enterprise-wide capability to: (1) passively detect, visualize, monitor, and manage all network devices, computers, and enterprise applications; (2) manage security and operations information from a wide range of device and software logs; and (3) analyze collected information to detect and respond to security and operations incidents.

Promia's Raven technology adapts its award-winning audit tools with purpose-built templates for capturing and retrieving audit compliance evidence. These audit tools can be user-customized and are complemented by extensive support components, including examples, references, tutorials, and other help information designed to help the customer step through the self-certification process for FERC audit compliance. Access is user-configurable: those who need to know specific information can be allowed to view it, while others can be allowed to update it, all while maintaining a full access audit log.

Incident and Response Management
This Raven-based system provides a standardized web interface for managing the incident lifecycle, including triage, assignment, validation, remediation, and closure. Raven can be configured for manual response, automated response, or both when incidents are detected. Access is controlled for those who need to know specific information and those who are allowed to update that information. A full audit log is maintained for all accesses.

Additional Information
To learn more, to arrange an in-depth demonstration of any of our products, or to discuss your software needs, please contact us at:

Nexant, Inc.
3100 West Ray Rd, Ste 230
Chandler, AZ 85226, USA
Phone: +1 480 345 7600
Fax: +1 480 345 7601