1 ERCOT/TRE Representation to NERC CIPC for TRE Members’ Representative Committee Jim Brenton CISSP, ISSAP, Vice Chair NERC CIP Committee David Grubbs, PE, NERC CIPC Executive Committee June 27, 2012
2 Critical Infrastructure Protection Committee (CIPC) CIPC Mission Advance the physical and cyber security of the critical electricity infrastructure of North America. CIPC Vision Foster information sharing, provide industry leadership and a forum for exchanging ideas and promote dialogue on key issues critical Infrastructure protection of the Bulk Electric System. CIPC Guiding Principles Continue to strive for excellence in: –Maintain relationship with and promote information sharing with other committees –Maintain high level of expertise –Align priorities with ERO and across the other standing committees –Ensure CIPC resources are efficiently used
3 CIPC Charter Voting Structure
4 NERC CIPC Executive Committee Voting Structure
5 NERC CEO’s Top Priority Issues for BES Reliability Top Priority NERC CEO-Directed Task Forces Spare Equipment Database Task Force (PC/OC) Geomagnetic Disturbance Task Force (PC/OC/CIPC) Severe Impact Resilience Task Force (OC/PC/CIPC) Cyber Attack Task Force (CIPC) CIPC Committee Cyber Attack Task Force Non-traditional threats via cyber security vulnerabilities formed with standing committee’s cyber expertise CIPC Support to Operating and Planning Committees Geomagnetic Disturbance Task Force ― Assist Operating and Planning Committees (lead committees) by soliciting participants from CIPC Severe Impact Resilience Task Force ― Solicit and encourage CIPC member participation on OC task force
6 NERC CIPC Areas of Strategic Focus 1.Advisory Panel Serve as an expert advisory panel to the NERC Board of Trustees, Electric Sub-sector Coordinating Council (ESCC) and Standing Committees in the areas of physical and cyber security. Serve as an expert advisory panel to the Electricity Sector Information Sharing and Analysis Center (ES-ISAC). 2.NERC Alerts CIPC will utilize the expertise of its members and NERC staff, as well as the CIPC Executive Committee to support the timely review, coordination and dissemination of industry alerts and informational responses. 3.Guidelines and Technical Reports CIPC will develop and maintain guidelines and technical reports on CIP matters and provide technical support to standard drafting teams (SDTs). 4.Standards and Compliance Input CIPC will support the NERC Compliance initiatives by providing timely topical expertise on matters related to cyber and physical security. CIPC will also develop and submit Standard Authorization Requests (SARs) on CIP matters as needed.
7 NERC CIPC Areas of Strategic Focus BES Security Metrics CIPC will utilize the expertise of its members, NERC staff and others to provide direction, technical oversight, feedback on the collection of industry metrics, and reporting of Bulk Electric System security performance metrics. 5.Electric Sector Security Clearances Coordinate with the Department of Homeland Security to determine and recommend appropriate U.S. Government security clearances to be available to members of the CIPC and other industry subject matter experts. 5.Support to Energy Sector Control Systems Working Group (ESCS WG) “Roadmap to Achieve Energy Delivery Systems Cyber Security” CIPC will encourage industry support of The Roadmap to Achieve Energy Delivery Systems Cyber Security prepared by the ESCS WG. 6.Public-Private Partnership for Information Sharing Support of the ESCC is Goal #1: “Enhance situational awareness within the electricity sub-sector and with government through robust, timely, reliable, and secure information exchange”. CIPC will collaborate with ESCC to identify information sharing protocols and enhance information sharing of actionable information between government and industry.
8 NERC CIPC Areas of Strategic Focus Emerging Issues CIPC will utilize the expertise of members and NERC staff to identify emerging issues and take timely and appropriate action. 10.Focus on Balanced Approach in Bulk Electric System Security CIPC will emphasize a balanced cyber, physical and operational security approach on each task force or working group. 11.Analysis of Security Incidents Impacting the Bulk Electric System CIPC will coordinate with Operating and Planning Committees on developing a mechanism for identification and analysis of security incidents impacting Bulk Electric System
9 NERC CIPC Areas of Strategic Focus CIP Training and Educational Outreach CIPC will provide meeting attendees with an opportunity to participate in physical, cyber and operational security training and educational outreach opportunities. 13.Framework for Board of Trustees/ESCC/CIPC Relationship CIPC will work with and support the NERC Board of Trustees and ESCC as requested. 14.CIPC Member Involvements CIPC will utilize the expertise of the committee members by providing opportunities to participate in CIPC activities.
10 NERC CIPC – What it is not Does not address or comment on NERC Standards (all Standards Drafting Teams report to NERC Standards Committee) Does not develop SARs Does not make recommendations on Legislation (although generally receives a report on the status of legislation) Generally avoids most compliance and enforcement issues, but does write whitepapers on how to implement CIP standards NERC CIPC concentrates on BES Security and Reliability not Compliance
11 NERC CIP Committee Subgroups CIPC Executive Committee Physical Security Subcommittee Cyber Security Subcommittee Operating Security Subcommittee Policy Subcommittee Protecting Sensitive Information TF Physical Security Analysis WG Physical Security Training WG Control Systems Security WG Cyber Security Analysis WG Cyber Security Training WG Information Sharing TF HILF Implementation TF NERC Grid Exercise WG Cyber Attack TF BES Security Metrics WG Personnel Security Clearance TF Compliance & Enforcement Input WG Physical Security Guideline TF Existing
12 NERC CIPC Physical Security Subcommittee –Subcommittee Chair: David Grubbs, (Garland/TRE) –Existing Protecting Sensitive Information TF Chair: Nathan Mitchell, (APPA Staff) Physical Security Guideline TF Chair: John Breckinridge, (KCP&L/SPP) –New Physical Security Analysis WG Chair: Ross Johnson, (Capital Power/CEA) –Future Physical Security Training WG Physical Security Subcommittee Protecting Sensitive Information TF Physical Security Analysis WG Physical Security Training WG Physical Security Guideline TF
13 NERC CIPC Cyber Security Subcommittee –Subcommittee Chair: Marc Childs, (Great River Energy/MRO) –Existing Control System Security WG Chair: Mark Engels, (Dominion/RFC) Cyber Attack TF Chair: Mark Engels, (Dominion/RFC) –New Cyber Events Analysis WG Chair: Stephen Diebold, (KCP&L/SPP) Cyber Security Training WG Chair: William Whitney, (Garland/TRE) Cyber Security Subcommittee Control System Security WG Cyber Security Analysis WG Cyber Security Training WG Cyber Attack TF
14 NERC CIPC Operating Security Subcommittee –Subcommittee Chair: Carl Eng (Dominion/RFC) –New Information Sharing TF Chair: Steve Diebold, (KCP&L/SPP) HILF Implementation TF Chair: Bill Muston (Oncor/TRE) –Future NERC GridSec Exercise WG Operating Security Subcommittee Information Sharing TF HILF Implementation TF GridSec Exercise WG
15 NERC CIPC Policy Subcommittee –Subcommittee Chair: Nathan Mitchell (APPA Staff) –New BES Security Metrics WG Chair: Jamie Sample (PG&E/WECC) Personnel Security Clearance TF Chair: Jim Brenton (ERCOT/TRE) –Future Compliance & Enforcement Input WG Policy Subcommittee BES Security Metrics WG Personnel Security Clearance TF Compliance & Enforcement Input WG
16 Voting Members on NERC CIP Committee David Grubbs / Operations & Physical, Garland – Director Regulatory Affairs & Compliance –Chairman of ERCOT CIP Working Group –Member of NERC CIPC for 4 years –Member of NERC CIPC Executive Committee – 2 years –Chairman of NERC CIPC Physical Security Subcommittee –Member of NERC SIRTF Executive Committee –Member of NERC Physical Protection Guidelines Committee –Member of NERC HILF Implementation Task Force –Participated in 2012 DoD Defense Industrial Base Study of DFW power restoration –Member ERCOT TAC, , 2010-present –Member ERCOT Board of Directors, –Past Chair ERCOT Network Data Support WG –Past Chair ERCOT Power Interchange Effects WG –Past Chair ERCOT Operating Guides Revision TF –U.S. Gov //SECRET// Clearance
17 Voting Members on NERC CIP Committee William Whitney / Cyber, Garland – Manager Operations Technical Services –Vice Chairman of ERCOT CIP Working Group –Newly selected NERC CIPC by ERCOT CIP WG in 2012 –Member of NERC CIPC Cyber Attack Task Force –Member of NERC CIPC Personal Security Clearance Task Force –Member of DHS/US-CERT ICSJWG Workforce Development Subgroup –Chair of NERC CIPC Cyber Security Training Working Group –U.S. Gov //SECRET// Clearance
18 Voting Members on NERC CIP Committee—continued Jim Brenton / Cyber, ERCOT – Principal & Regional Security Coordinator –ERCOT Representative to NERC CIPC – 6+ years –NERC CIPC Vice Chairman – One year –Member of NERC CIPC Executive Committee – 3+ years –Chairman of NERC CIPC Personal Security Clearance Task Force –Member of NERC CIPC Bulk Electric System Security Metrics Working Group –Chairman, TX Private Sector Advisory Council for CI/KR Protection to the Governor –Co-founder & ERCOT Staff Facilitator ERCOT CIP Working Group – 6 years –Member of ISO/RTO Council Security Working Group – 6+ years –Member of DoE Advisory Council for Electricity Sector Cybersecurity Capability Maturity Model (ESC2M2) Pilot Initiative requested by the White House Cyber Security Advisor to the President and the National Security Council – May 2012 –Participated in 2012 DoD Defense Industrial Base Study of DFW power restoration –Member of the Government/Industry Task Force that prepared classified report on Remote Network Security Vulnerabilities for NERC in Feb 2010 –Member of DoE Energy Sector Control Systems Working Group that prepared the 2011 DoE “Roadmap for Energy Delivery Systems Cybersecurity” –Member of NERC/NIST/DoE/Industry team that prepared the DoE “Cybersecurity Risk Management Process Guideline” for the Electricity Subsector in 2011 –Member of NERC CIP Standards Drafting Team ( ) –U.S. Government //SECRET// Clearance
19 ERCOT Alternates for NERC CIP Committee Alternates Listed on NERC Roster: Ann Delenela / Cyber, ERCOT Director of Security –Alternate for 6+ years –U.S. Gov //SECRET// Clearance Christine Hasha / Cyber, ERCOT Senior Compliance Analyst –Alternate for 2+ years –Member of NERC CIP Standards Drafting Team Martin Narendorf / Physical, CenterPoint Director, Substation Operations –Alternate for 3+ years Bill Muston / Cyber, Oncor Manager, Research & Development –Alternate for 6+ years –Co-founder and member of ERCOT CIPWG – 6 years –U.S. Gov //SECRET// Clearance Elias A. Villanueva / Operations, ERCOT Supervising Engineer, System Operations –Alternate for 6+ years Scott Rosenberger / Cyber, EFH Director, Security & Compliance –Former NERC CIPC Voting Member 2 years and Alternate for 3+ years –Former Vice Chairman ERCOT CIP WG – 2 years –Member of NERC CIP Standards Drafting Team – 5 years –U.S. Gov //SECRET// Clearance
20 Proposed Criteria for Consideration for NERC CIPC Representatives from TRE/ERCOT Active in ERCOT CIP Working Group Meetings and Activities Active in NERC CIPC Working Groups, Task Forces or NERC CIP Standards Drafting Teams Recognized expertise and/or certification in at least one of the following security areas: –Cyber Security; Physical Security; Control System/SCADA Security; Operational Security; and, Security Policy, Regulations and Standards Company commitment for time and travel expense of participating in 8-10 out of town NERC CIPC/TF/WG meetings, two classified briefings per year, in addition to ERCOT CIP WG meetings in Austin US Government //SECRET// or higher Security Clearance sponsored by the DHS, DoE, DoD, DoJ/FBI, or other Federal Department or Agency for access to Classified National Security Information related to the protection of Critical Infrastructure.
21 Questions and Discussion