ERCOT IT Update Ken Shoquist VP, CIO Information Technology Board Meeting February 2004.

Slides:



Advertisements
Similar presentations
NERC Reliability Readiness The Next Steps Mitch Needham NERC Readiness Evaluator September 24, 2007.
Advertisements

NERC Critical Infrastructure Protection Advisory Group (CIP AG) Electric Industry Initiatives Reducing Vulnerability To Terrorism.
Overview of Priorities and Activities: Shared Services Canada Presentation to the Information Technology Infrastructure Roundtable June 17, 2013 Liseanne.
WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.
Cyber Security 2005 ERCOT COMPLIANCE ROLLOUT Lane Robinson Reliability Analyst.
BS Information Systems – University of Redlands BS Information Systems – University of Redlands AS Electronic Technology AS Electronic Technology Project.
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S
Jeffery J. Gust IOWA INDUSTRIAL ENERGY GROUP FALL CONFERENCE Tuesday, October 14, 2014 MidAmerican Energy Company.
Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
GridWise ® Architecture Council Cyber-Physical System Requirements for Transactive Energy Systems Shawn A. Chandler Maseeh College of Electrical and Computer.
Robert Arnold Federal Highway Administration Director, Office of Transportation Management.
ERCOT’S COMPLIANCE ASSESSMENT and ENFORCEMENT PROGRAM March 23, 2005.
K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss
Lessons Learned in Smart Grid Cyber Security
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
Seán Paul McGurk National Cybersecurity and Communications
Texas Regional Entity Compliance Report TAC July 9, 2009.
Federal Energy Regulatory Commission June Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.
Nuclear Power Plant/Electric Grid Regulatory Coordination and Cooperation - ERO Perspective David R. Nevius and Michael J. Assante 2009 NRC Regulatory.
Implementing the New Reliability Standards Status of Draft Cyber Security Standards CIP through CIP Larry Bugh ECAR Standard Drafting Team.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
ERCOT IT Update Ken Shoquist VP, CIO Information Technology Board Meeting January 2004.
Texas Regional Entity Update Sam Jones Interim CEO and President Board of Directors July 18, 2006.
Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.
May 16, 2007 Board of Directors Texas Regional Entity Division Update Sam R. Jones ERCOT President & CEO.
Actions Affecting ERCOT Resulting From The Northeast Blackout ERCOT Board Of Directors Meeting April 20, 2004 Sam Jones, COO.
1 Texas Regional Entity 2008 Budget Update May 16, 2007.
Overview of WECC and Regulatory Structure
K E M A, I N C. Ten Steps To Secure Control Systems APPA 2005 Conference Session: Securing SCADA Networks from Cyber Attacks Memphis, TN April 18, 2005.
Status Report for Critical Infrastructure Protection Advisory Group
Role for Electric Sector in Critical Infrastructure Protection R&D Presented to NERC CIPC Washington D.C. June 9, 2005 Bill Muston Public Release.
Item 5d Texas RE 2011 Budget Assumptions April 19, Texas RE Preliminary Budget Assumptions Board of Directors and Advisory Committee April 19,
WebCast 5 May 2003 Proposed NERC Cyber Security Standard Presentation to IT Standing Committee Stuart Brindley, IMO May 26, 2003.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.
Employee Privacy at Risk? APPA Business & Financial Conference Austin, TX September 25, 2007 Scott Mix, CISSP Manager of Situation Awareness and Infrastructure.
Role of Montana State Fund. Montana State Fund is committed to the health and economic prosperity of Montana through superior service, leadership and.
Agency Name Security Program FY 2009 John Q. Public Agency Director/CIO/ISO.
DRAFT 1 Belfast th World Cyber Security Technology Research Summit Suren Gupta Allstate Corporation Executive Vice President Allstate Technology.
November 2, 2006 LESSONS FROM CIPAG 1 Lessons from Critical Infrastructure Group Bill Bojorquez November 2, 2006.
Compliance Update September Control Performance Highlights  NERC CPS1 Performance ERCOT’s August score was ERCOT’s CPS1 scores show significant.
Electric Reliability Organization and Issues in Texas Technical Advisory Committee January 4, 2006 Jess Totten Director, Electric Industry Oversight Division.
Grid Operations Report To ERCOT Board Of Directors December 16, 2003 Sam Jones, COO.
Texas Regional Entity ROS Presentation January 15, 2009 T EXAS RE ROS P RESENTATION J ANUARY 2009.
1 CREATING AND MANAGING CERT. 2 Internet Wonderful and Terrible “The wonderful thing about the Internet is that you’re connected to everyone else. The.
October 29, 2012 RARF Workshop 2 Introduction to ERCOT Modeling Process Jay Teixeira Manager, Model Administration.
TEXAS NODAL Market Design Structure and Process August 19, 2003.
Resources for Meeting Internet Safety Requirements Cheryl Elliott James Madison University Bill Johnsen Virginia Beach City Public Schools Educational.
1 Compliance Update June Control Performance Highlights  NERC CPS1 Performance April Performance  April performance comparison April 2007:
Asif Jinnah Field Desktop Services Enabling a Flexible Workforce, an insider’s view.
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.
Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.
Program Overview and 2015 Outlook Finance & Administration Committee Meeting February 10, 2015 Sheri Le, Manager of Cybersecurity RTD.
Welcome Information Security Office Services Available to Counties Security Operations Center Questions.
Vodafone Business Cloud
Updated ERO Enterprise Guide for Internal Controls
Ken Shoquist VP, CIO Information Technology Board Meeting October 2003
California Cybersecurity Integration Center (Cal-CSIC)
ERCOT Technical Advisory Committee June 2, 2005
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Industrial Control Systems Security Market to reach $7bn by 2024: Global.
Cybersecurity: The State Regulators’ Perspective
Protective Security Advisor Program Brief
Understanding Existing Standards:
ISO/IEC 27001:2005 A brief introduction Kaushik Majumder
NERC Critical Infrastructure Protection Advisory Group (CIP AG)
Cybersecurity Special Public Meeting/Commission Workshop for Natural Gas Utilities September 27, 2018.
NERC Cyber Security Standard
Nero Blanco Service Offering – Disaster Recovery as a Service
Cyber Security in a Risk Management Framework
DSC Contract Management Committee Meeting
Presentation transcript:

ERCOT IT Update Ken Shoquist VP, CIO Information Technology Board Meeting February 2004

Page 2 Security Update – Threat is Real  Last month, an east Texas man pleaded guilty to possession of a weapon of mass destruction. …investigators found a sodium-cyanide bomb capable of killing thousands, more than a hundred explosives, half a million rounds of ammunition, dozens of illegal weapons, and … antigovernment literature. …investigators have been unable to answer questions such as: Where was the sodium-cyanide bomb destined? And were the weapons being prepared for a group or sold individually? Experts say the case is important …because it shows how serious a threat the country faces from within. Source:

February 2004 Page 3 Security Update – Threat is Real (cont.) The worm propagated, blocking SCADA traffic.” (NON ERCOT)  “A server on the control center LAN running SQL was not patched. The worm did not reach the server via the organization’s connection to the Internet. It did apparently migrate through the corporate networks until it finally reached the critical SCADA network via a remote computer through a VPN connection. The worm propagated, blocking SCADA traffic.” (NON ERCOT) Source: NERC, SQL Slammer Worm Lessons Learned for Consideration by the Electricity Sector, June  At ERCOT in January, 13 cyber security incidents, 90 port violations, and five external malicious code events  ERCOT is currently 62% in compliance with NERC Security Standard. All remaining initiatives identified for focus in ’04.

February 2004 Page 4 Purpose and Description  ERCOT is the reliability compliance monitor designated by NERC for the ERCOT electric sector. Consequences of noncompliance from NERC or the DOE could have a negative effect to the operating reliability of the ERCOT electric grid and possible financial penalties to ERCOT. The cyber-security standard is the first ANSI compliant standard approved by NERC.  ERCOT should comply with NERC standards and therefore must control the connection points from market participants to the ERCOT systems to ensure secured, reliable operations. ERCOT expects to become the regional certificate authority as delegated by NERC.  Modeled after the “Regional Planning Process” the ESPAC is a collaborative effort to bring together owners and operators of critical physical and cyber assets to share information and discuss security solutions that will assist in securing the Texas electric sector. Ercot Security Protection Advisor Council (ESPAC)

February 2004 Page 5 Future Structure  The ESPAC will enable ERCOT to monitor compliance with defined NERC standards. In addition, the group may offer security advisory services, assist market participants in developing stakeholder standards and will assist in communicating and clarifying critical information from federal and state agencies. ESPAC (cont.)

February 2004 Page 6 Future Structure (cont.)  ESPAC will: Serve as an expert advisory team to ERCOT in the areas of physical and cyber security Provide updates to the board when requested Establish and maintain an information reporting procedure for critical infrastructure protection among industry segments and, as appropriate, with federal and state government agencies Conduct forums and workshops related to the scope of ESPAC  ERCOT Security Staff will: Establish security standards for interfacing with ERCOT systems Assist stakeholders in developing security standards for the ERCOT Market Lead the ESPAC and manage an open stakeholder forum ESPAC (cont.)