CIPC Executive Comittee Update CIPC Conference Call September 16, 2004 Stuart Brindley CIPC Chair CIPC Confidentiality - Public
CIPC Executive Committee Activities ● Support to NERC Board 2005 Business Plan Strategic retreat ● CIPC Roles Work flow - developing security guidelines ● Monitor progress and resources of WG/TFs Seiki Harada replaces John Maguire on Standards & Guidelines WG ● Relationship with governments ● Opportunities...
NERC 2005 Business Plan ● Recognizes need to increase scope and intensity of CIPC efforts ● Identified CIPC strategic objectives and major work items ● Includes additional NERC staff person dedicated to CIPC ● Request approval at October NERC Board meeting
CIPC Strategic Objectives Further develop ISAC capability Improve coordination and relationships with governments Develop National Infrastructure Protection Plan Develop methods to deter, mitigate and respond to attack Enhance SCADA and process control security Address cyber & physical security Blackout recommendations
NERC Board Strategic Retreat ● From NERC Readiness Audits, develop a plan for identifying and communicating: B est practices C ommonly identified areas for improvement ● Update NERC’s response plan in the event of a significant system disturbance or emergency event ● Coordinate NERC and FERC operator training studies ● Increase the intensity and commitment of stakeholder contributions to Committees ● Clarify the role of the Regions ● More proactive with governments - regulatory, security
CIPC Relationships & Roles Electricity Sector - Critical Infrastructure Protection Risk AssessmentsThreatsEarly WarningOperational Response Electricity Industry Associations: North American Electric Reliability Council Edison Electric Institute American Public Power Assoc. National Rural Electric Co-op Assoc. Canadian Electricity Association CIP Committee * Executive Committee ESISAC Subcommittee Security Planning Subcommittee Working Groups & Task Forces ELECTRIC POWER SYSTEM OPERATION PHYSICAL INFRASTRUCTURE INFORMATION TECHNOLOGY ELECTRICITY SECTOR ENTITIES Utilities, Transmitters, Generators, Distributors, Independent System/Market Operators OPERATIONSPHYSICAL AND CYBER SECURITY EMERGENCY MANAGEMENT PUBLIC HEALTH & SAFETY CRITICAL INFRASTRUCTURE PROTECTION NERC Leadership Technical Steering Ctee Other NERC Standing Ctees OC, PC, MC, etc US: Department of Homeland Security (DHS) Department of Energy (DOE) Federal Energy Regulatory Commission (FERC) Canada: Public Safety & Emergency Preparedness Canada (PSEPC) Natural Resources Canada (NRCan) Federal, Provincial and State Governments 14 ISACs Sector Coordinators & ISAC Council Executive Committee: Identify strategic objectives and priorities Respond to requests from NERC leadership, governments and industry associations Identify needs to Working Groups/Task Forces Seek active contribution of CIPC members. Schedule and lead CIPC meetings Support NERC President as Sector Coordinator Subcommittee Working Groups & Task Forces: Define scope, deliverables, milestones and resource requirements Provide periodic status of milestones, deliverables to Executive Committee Conduct Working Group/Task Force meetings. Assign tasks to Committee members NERC Staff: Arrange meeting facilities such as physical space or conference calls Provide administrative support Act as primary contact with governments, decide responses with Executive Committee Operate the ESISAC CIP Committee Roles *
CIPC Work Flow - Security Guidelines Identify need Approve scope & resources CIPC review and approval to forward to NERC Board Post “final document” for public review Prepare “final document” Forward “content draft” to Standards & Guidelines WG for: consistency with existing Standards & Guidelines final format CIPC approval of “content draft” Submit “content draft” for CIPC approval Prepare “content draft” Prepare scope and identify resources Prioritize & assign to Working Group/Task Force Executive CommitteeStandards & Guidelines WGNERC StaffCIPC MembersWorking Group/Task Force Prepare “final draft” Review “content draft” Review scope 2 weeks 1 week Scope-dependent As versions developed Within days Facilitate meetings & conference calls Coordinate review of other NERC Committees as appropriate Scope-dependent
Relationships with Governments ● Canada-US Outage TF report - prioritize actions ● DHS interface with NERC as Sector Coordinator, ESISAC, ISAC Council NERC President, CIPC Chair are Sector Coordinators ● Aug 31/04 meeting with senior DHS officials (NERC, EEI, AGA) ● Response to large-scale emergencies (eg. Blackout, hurricanes) ● Multi-national CIP initiative - assess opportunity industry and governments Australia, New Zealand, US, Canada
Canada-US Outage TF Report ● High visibility by governments - life of Task Force extended by 1 year ● 16 of 46 recommendations related to CIP many require coordination with other NERC Committees (esp. Operating and Planning) ● Actions underway within CIPC many during 2004 some through 2005… and beyond
Sector Coordinators/ISAC Council Mission: To advance the physical and cyber security of the critical infrastructures of North America by establishing and maintaining a framework for valuable interaction between and among the ISACs and with government
Sector Coordinator/ISAC Council Initiatives ● Single forum for DHS to interface with all 14 critical infrastructure sectors who’s who ? Include Sector-Specific Agencies (eg. DoE) ● Matrix project - sharing structure, scope of each ISAC ● Interdependency Task Force - proposed 3 tabletop exercises to DHS ● Media/Outreach - key public messages communicating what is being done ● Physical/Cyber - integrating these functions ● Emergency Notification System (ENS) and conference bridge in place
Opportunities... ● Improved coordination with government 2-way information sharing, risk assessment ● Industry outreach to the public regarding CIP threats and incidents… as we did during the Blackout Sector Coordinating Council PCIS/Sector Coordinators ISACs Government Coordinating Council DHS Sector-Specific Agencies (eg.DoE)
Opportunities... ● Growing the ESISAC During response mode, can’t just be NERC staff Leverage CIPC participants: Subject matter expertise Getting the right resources, right away Coordinate with Operations Timely and effective support of government
Building the DHS Relationship August 31, 2004 Meeting Nebraska Ave. Washington DC
Participants DHS: Bob Liscouski, Al Martinez-Fonts, Jim Caverley, Bill Flynn, Taralyn Riordon Electricity, Gas Sectors: Stuart Brindley, Bob Canada, Pat Laird, Lyman Shaffer
Meeting Objectives ● Recognize successful initiatives with DHS ● Demonstrate the commitment of asset owner/operators, and support of industry associations NERC, EEI, AGA, others Sector Coordinators, ESISAC, ISAC Council ● Improve 2-way communication between industry and DHS
Recognizing Successes ● NERC ESISAC project with Homeland Security Information Network (HSIN) ● ES contribution to NIPP (energy annex) ● Canada-US interdependency exercise ● NERC Security Standards, Guidelines and Workshops ● Cyber intrusion detection system pilot ● Security clearances with some industry players ● Regional gas reliability studies ● ESISAC support during emergencies (eg. hurricanes)
DHS and Industry Roles ● Industry sees too many CIP contacts with government agencies ● Not all Sector Coordinators or ISACs reach across their entire sector NERC is Sector Coordinator and operates ESISAC CIPC reaches broadly across electric sector DHS to formally recognize NERC through provisions of Federal Advisory Committee Act
Opportunities for Improvement ● Threat assessment and info-sharing industry decision-makers with security clearances ● Early consultation to facilitate DHS initiatives ● Support DHS’ National Infrastructure Coordinating Centre (NICC) Situation-dependent ● Protection of Critical Infrastructure Information (PCII) Some time until appropriate protection is in place ● DHS establishing liaison in 68 Secret Service field offices