Frankfurt (Germany), 6-9 June 2011 IT COMPLIANCE IN SMART GRIDS Martin Schaefer – Sweden – Session 6 – 0210.

Presentation transcript:


1. Smart Grid Architecture
2. Risk Scenarios
3. Comparison with other markets
4. Methods
5. Certification

Smart Grid Architecture

Based on: NIST SP 1108, NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 1.0

Smart Grid Architecture

Challenges:
- Introduction and expansion of a communication network for the current and future electricity grid
- Introduction of new technology
- Introduction of intelligent control and connectivity between different domains

Constraints:
- Long-term use of legacy assets in the domains of operation, bulk generation, transmission and distribution
- In some parts, use of a large-scale homogeneous technical environment, e.g. Smart Meters
- There are currently no common or aligned standards designed to achieve an architecturally compatible technology.

Risk Scenarios

Customer Data – Confidentiality
- Aggregating and sharing of customer data throughout different grid actors
- Different legal environments

Fraud – Integrity
- Tampering with customer data
- Energy theft and fraud

Risk Scenarios

Technical threats

| | Intentional | Unintentional |
| --- | --- | --- |
| Malicious | E.g. a dedicated attack by criminal individuals, groups, terrorists or nations | E.g. an undirected attack by a 'common' Botnet virus |
| Non-malicious | E.g. a disgruntled employee/outsourcing vendor intentionally manipulates sensor data | E.g. malfunction of software or procedures |

Comparison with other markets

Financial Market
- Sarbanes-Oxley Act (SOX) → adapted to EuroSOX, JSOX - global rule set for activities such as governance, reporting and enterprise risk management.
- COSO → guidance on organizational governance, business ethics, internal control, enterprise risk management, fraud and financial reporting
- COBIT → control framework for technical compliance

Comparison with other markets

Compliance for Telecommunications
- Signaling System 7 (SS7)
  → enabling interconnectivity between large networks
  → basis for telecommunication services that are compliant with different legal requirements
- EU formed Body of European Regulators for Electronic Communications (BEREC)
  → Ensure compliance with EU regulatory framework

Methods

- Existing frameworks/standards (ISA 99 series, NERC Critical Infrastructure Protection (CIP) series, NIST )
- Maps or models to apply such standards (e.g. Zone Model / Zoning Principles)
- Avoid situations where compliance with standard A implies non-compliance with standard B
- Currently heavy technical focus
- Currently no common / complete standards that steer and enable Smart Grid development considering all aspects (customer privacy, technical issues, fraud)
- Target: framework of mutually compliant standards to enable compliant development of Smart Grids and build trust / acceptance

Certification

- From competitive advantage to operational requirement
  - Quality Management ISO 9000 series
  - IT Service Management ISO series
  - Information Security Management ISO series
- Certifications for certain areas are available, currently giving a competitive advantage
- Focus area for certification could be Smart Meters (a huge number of homogeneous devices)

Summary

- Increasing interconnectivity in Smart Grid architecture
- New risk scenarios, e.g. increasing amount of customer data throughout different grid actors
- IT Compliance with a framework of mutually compliant standards could help to build secure systems and trust
- Certification - from competitive advantage to operational requirement

Thank you for your attention!