NERC Critical Infrastructure Protection Advisory Group (CIP AG)

NERC Critical Infrastructure Protection Advisory Group (CIP AG). Electric Industry Initiatives Reducing Vulnerability To Terrorism. September 11, 2001 Industry Implications. Significant change to the Security Environment Increased Security focus and costs


Presentation Transcript


  1. NERC Critical Infrastructure Protection Advisory Group (CIP AG): Electric Industry Initiatives Reducing Vulnerability To Terrorism

  2. September 11, 2001: Industry Implications
     • Significant change to the Security Environment
     • Increased Security focus and costs
     • Threat of imposed Federal and State legislation
     • Company over-reaction
     • Company under-reaction

  3. Post 9/11 Reactions

  4. CIP AG Overview

  5. Security Guidelines: Guiding Principles
     • Each company defines and identifies its own critical facilities and functions.
     • Each company assesses the usefulness of the Guidelines individually and adapts them as needed.
     • The Guidelines are living documents, expected to change.
     • Implemented and supported by workshops for industry

  6. Initiatives
     • CIPAG
     • Security Guidelines
     • Threat Conditions and Response
     • FERC Assist
     • Spare Parts Database
     • PKI

  7. Security Guidelines: Executive Summary
     • The Guidelines describe
       • general approaches
       • considerations
       • practices
       • planning philosophies
     • The Guidelines are NOT a “cookbook” for protection.

  8. Security Guidelines: Definitions
     • Critical Facility: Any facility or combination of facilities, if severely damaged or destroyed would:
       • have a significant impact on the ability to serve large quantities of customers for an extended period of time,
       • have a detrimental impact to the reliability or operability of the energy grid, or
       • cause significant risk to National security, National economic security, or public health and safety.

  9. Security Guidelines: Guideline Topics
     • Vulnerability and Risk Assessment
     • Threat Response
     • Emergency Management
     • Continuity of Business Processes
     • Communications
     • Physical Security
     • IT/Cyber Security
     • Employment Screening
     • Protecting Sensitive Information

  10. Security Guidelines: Guideline Topics
     • Vulnerability and Risk Assessment: Helps identify critical facilities, their vulnerabilities, and countermeasures.
     • Threat Response: Helps in developing plans for enhanced security.

  11. Security Guidelines: Guideline Topics
     • Emergency Management: Better prepares companies to respond to a spectrum of threats, both physical and cyber.
     • Continuity of Business Practices: Reduces the likelihood of prolonged interruptions and enhances prompt resumption of operations after interruptions occur.

  12. Security Guidelines: Guideline Topics
     • Communications: Enhances the effectiveness of threat response, emergency management, and business continuity plans.
     • Physical/Cyber Security: Mitigates the impact of threats through deterrence, prevention, detection, limitation, and corrective action.

  13. Security Guidelines: Guideline Topics
     • Employment Screening: Provides strategies to mitigate “insider” threats.
     • Protecting Sensitive Information: Production, storage, transmission, and disposal of both physical and electronic information

  14. Security Guidelines: Reference Documents
     • An Approach to Action for the Electricity Sector (NERC, June 2001)
     • Threat Alert Levels and Physical Response Guidelines (NERC, November 2001)
     • Threat Alert Levels and Cyber Response Guidelines (NERC, March 2002)

  15. ThreatCon and Response Guidelines: The Guidelines
     • Define Threat Alert Levels for Alerts issued by
       • ES-ISAC
       • NIPC
       • Other government agencies (Excludes facilities regulated by the NRC)
     • Ensure that electric Threat Alert Levels are consistent with information from other sources
     • Provide examples of security measures
     • Supported with workshops

  16. ThreatCon and Response Guidelines: Threat Alerts / Threat Conditions
     • Can be issued
       • for a specific geographic area
       • for a specific facility
       • by category - such as a specific type of facility

  17. Threat Alert Level Definitions
     THREATCON-NORMAL
     • Applies when no known threat exists.
     • Is equivalent to normal daily conditions.
     • Security measures should be maintainable indefinitely.
     THREATCON-LOW
     • Applies when a general threat exists with no specific threat directed against the electric industry.
     • Additional security measures are recommended.
     • Added security should be maintainable for an indefinite period with minimum impact on the organization.

  18. Threat Alert Level Definitions
     THREATCON-MEDIUM
     • Applies with increased or more predictable threat to the electric industry.
     • Implementation of additional security measures is expected.
     • Increased measures are anticipated to last for a defined time.
     • Significant increases in corporate resources will be required.
     THREATCON-HIGH
     • Applies when an incident occurs or a credible threat is imminent.
     • Maximum security measures are necessary and are expected to:
       • cause hardships on personnel,
       • seriously impact normal operations, and
       • may be economically unsustainable for more than a short time.

  19. FERC Request
     • FERC requested NERC to develop security standards for inclusion to Standard Market Design NOPR
     • CIPAG picked-up the Gauntlet
     • NERC BoT approved CIPAG participation on June 14, 2002

  20. FERC Request
     • “Minimum Daily Requirements”
     • Achievable
     • Granular
     • Cyber focused
     • Inter-connection focused

  21. FERC Request
     • Final draft to FERC July 26
     • SMD NOPR released July 31 for general public review, comment
     • Final SMD ruling late October or early November
     • Effective date of compliance 2004
     • Annual signed self certification

  22. FERC Request
     • All future standards to be developed and maintained by NERC
     • All future FERC rule making on standards will refer to NERC standards

  23. Spare Equipment Database
     • Expanding database created in 1989
     • Spare EHV transformers in case of national emergencies
     • Web based on a secure server
     • Other equipment to be included

  24. PKI
     • Needed because of the reliance on computer based systems and applications
     • Evaluate potential Certificate Authorities
     • Develop an integrated PKI architecture and deployment strategy
     • Resolve technical issues
     • Create web based training materials

  25. ES ISAC
     • PDD #63 Identified electricity as one of the eight critical infrastructures
     • NERC sector coordinator for electricity
     • IAW Program
     • Website
     • CIPAG oversight body for ISAC
     • Collect, Analyze and Disseminate information

  26. Pulling Together

  27. Available on the Web: www.nerc.com > Committees > CIPAG > Related Files

  28. One Last Thought! “Security is always excessive until it’s not enough”
