State of the Industry NAESB Critical Infrastructure Committee.

Slides:

Advertisements

Similar presentations

NERC Critical Infrastructure Protection Advisory Group (CIP AG) Electric Industry Initiatives Reducing Vulnerability To Terrorism.

Advertisements

Smart Grid: Electric Power Industry and the FERC Kevin Kelly Director, Policy Development Division Office of Energy Market Regulation Federal Energy Regulatory.

Tenace FRAMEWORK and NIST Cybersecurity Framework Block IDENTIFY.

NERC CIPC March 16, 2006 Roadmap to Secure Control Systems in the Energy Sector U.S. Department of Energy Office of Electricity Delivery and Energy Reliability.

1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.

IEEE JOINT TASK FORCE ON QUADRENNIAL ENERGY REVIEW Asset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure.

IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair

U.S. General Services Administration Presentation to: Software and Supply Chain Assurance Forum Improving Cybersecurity through Acquisition December 17,

National Infrastructure Protection Plan

Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce

WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.

NERC and Regional Efforts to Ensure Reliability Dave Nevius, NERC Sr. VP David Cook, NERC VP & General Counsel Louise McCarren, WECC CEO Don Benjamin,

1 Federal Communications Commission Public Safety and Homeland Security Bureau NARUC Summer Committee Meetings Dallas, Texas July 13, 2014 Clete D. Johnson.

Alabama GIS Executive Council November 17, Alabama GIS Executive Council Governor Bob Riley signs Executive Order No. 38 on November 27 th, 2007.

SMART GRID: Privacy Awareness and Training – A Starting Point for Utilities October 2011 SGIP-CSWG Privacy Group 1.

1 ISO/RTO Council Wholesale Demand Response Projects & OpenADR David Forfia.

1 Accelerating Standards for the Smart Grid David Wollman National Institute of Standards and Technology

K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

California Common Operating Picture (Cal COP) for Public Safety

Food and Agriculture Sector Coordinating Councils John L. Williams, DVM U.S. Department of Agriculture AFDO Annual Conference Kansas City, MO June 7, 2005.

Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.

Robert Arnold Federal Highway Administration Director, Office of Transportation Management.

Lessons Learned in Smart Grid Cyber Security

John McDonald 05 November 2013 SGIP Members Meeting.

NSTC Smart Grid Subcommittee Overview and Goals for Ongoing Federal/State Collaboration By George Arnold, NIST & Jessica Zufolo, RUS NARUC Annual Convention,

Summary Device protocols tied intimately to applications. A need to significantly reduce critical data update times. Current network bandwidth consumption.

H.B. “Trip” Doggett President and Chief Executive Officer Tab 4: Proposed 2013 – 2017 Strategic Plan – Redline Board of Directors Strategic Planning Event.

1 © 2003 Cisco Systems, Inc. All rights reserved. CIAG-HLS Security For Infrastructure Protection: Public-Private Partnerships KEN WATSON 15 OCT.

Frankfurt (Germany), 6-9 June 2011 IT COMPLIANCE IN SMART GRIDS Martin Schaefer – Sweden – Session 6 – 0210.

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

The NIGF CONFERENCE © 2013 ADDRESSING THE VULNERABILITY OF CRITICAL ICT INFRASTRUCTURE by Ernest Ndukwe, OFR Chairman Openmedia Communications Ltd 18 th.

Secure Connections for a Smarter World Dr. Shuyuan Mary Ho Assistant Professor School of Information Florida State University.

An Overview of the Smart Grid David K. Owens Chair, AABE Legislative Issues and Public Policy Committee AABE Smart Grid Working Group Webinar September.

MDS Global IT Strategy Discussion July 7, Agenda  IntroductionErnest  Strategic directionsGanesh  DiscussionAll  Next stepsErnest.

Status Report for Critical Infrastructure Protection Advisory Group

1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.

FCC Field Hearing on Energy and the Environment Monday November 30, 2009 MIT Stratton Student Center, Twenty Chimneys Peter Brandien, Vice President System.

Role for Electric Sector in Critical Infrastructure Protection R&D Presented to NERC CIPC Washington D.C. June 9, 2005 Bill Muston Public Release.

Smart Grid Interoperability Panel & ISO / RTO Council Smart Grid Projects David Forfia SGIP Governing Board Member – Stakeholder Category 21 ISO/RTO Sponsor.

WebCast 5 May 2003 Proposed NERC Cyber Security Standard Presentation to IT Standing Committee Stuart Brindley, IMO May 26, 2003.

1 RIC 2009 Nuclear Power Plant/Electric Grid Regulatory Coordination and Cooperation George Wilson NRR/ADES/DE/EEEB March 11, 2009.

Federal Cybersecurity Research Agenda June 2010 Dawn Meyerriecks

Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.

Interoperability Standards and Next Generation Interconnectivity Pankaj Batra Chief (Engineering) CERC.

Grid Security and Advancements in Smart Grid Technology Dr. Veronika A. RABL Chair, IEEE-USA Energy Policy Committee Principal, Vision & Results Washington,

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

What Can Go Wrong During a Pen-test? Effectively Engaging and Managing a Pen-test.

National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based security technologies Mid-Atlantic Federal Lab Consortium.

November 2, 2006 LESSONS FROM CIPAG 1 Lessons from Critical Infrastructure Group Bill Bojorquez November 2, 2006.

Confidential 1 HIPAA Compliance at Blue Cross Blue Shield of Minnesota: A Case Study Tim Wittenburg Director of Corporate Architecture & Data Management.

1 1 Cybersecurity : Optimal Approach for PSAPs FCC Task Force on Optimal PSAP Architecture Working Group 1 Final Report December 10 th, 2015.

Advancing Government through Collaboration, Education and Action Cybersecurity SIG Priority Area Project/Activity Report SIG Leadership Meeting July 17,

ERCOT IT Update Ken Shoquist VP, CIO Information Technology Board Meeting February 2004.

CNCI-SCRM STANDARDIZATION Discussion Globalization Task Force OASD-NII / DoD CIO Unclassified / FOUO.

Responsive Innovation for Disaster Mitigation Gordon A. Gow University of Alberta.

Homeland Security, First Edition © 2012 Pearson Education, Inc. All rights reserved. Overview of National Infrastructure Protection CHAPTER 3.

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

A Layered Solution to Cybersecurity Dr. Erfan Ibrahim Cyber-Physical Systems Security & Resilience Center National Renewable Energy Laboratory.

UNCLASSIFIED Homeland Security 2016 TRB Annual Meeting Cyber Risk Management CAPT Verne Gifford (CG-5PC) 1.

Cyber Security Phillip Davies Head of Content, Cyber and Investigations.

Iowa Communications Alliance

Agenda Control systems defined

By: Tekeste Berhan Habtu Chief Executive Officer Venue: African Union

NERC Critical Infrastructure Protection Advisory Group (CIP AG)

NERC Cyber Security Standard

NERC Critical Infrastructure Protection Committee (CIPC) Executive Committee Public Release 29 September 2005.

CYBER RISKS IN SECURITIES SERVICES

Standards Review Subcommittee Update

Presentation transcript:

State of the Industry NAESB Critical Infrastructure Committee

Regulatory Changes FCC is performing smart grid, cybersecurity and critical infrastructure protection inquiries. NAESB has taken steps to achieve visibility with FCC stakeholders and to advise membership on new moves by the FCC. NIST has submitted its draft NISTIR for public comment, and FERC has now solicited comments. NERC has clearly limited jurisdiction in view of Federal Power Act 215 scope, what comes next?

Telecom Sector Interest Robert Mayer, VP Strategy at USTelecom, vice- chair Communications Sector Coordinating Council Given the deepening interdependency of the telecom and power grid, how does this increase risk to critical infrastructure? Are we making regulators aware of industry’s active efforts and the new financial and operational burdens? How can we work productively together?

Vulnerabilities Not just about smart meters anymore, it’s getting worse. “Asymmetric” warfare presentation by al-Qaeda terrorists & others (in addition to foreign gov’ts.) Existing security controls are now proven to be inadequate, may provide false sense of confidence in security posture Costs to implement solutions are not yet known

Justifications for Action Premise 1: Current federal regulators, (NERC, DOT, DOE, etc) have no real penetration and visibility into retail operations Premise 2: Interdependency with telecom sector assets provides an exponentially growing attack surface Premise 3: Failure to protect the architecture end-to-end can propagate up to and across BES, trading systems for gas and electric transactions could be compromised or altered. Premise 4: Risk of failure is higher and growing, with exposure to crippling regulation, financial ruin, and untenable public safety risk.

Solutions We need real-time intelligence on: – What current deployments look like – Where the vulnerabilities are – What attacks are occurring in real time We need support from regulators: – Immunity from liability on current vulnerabilities – Release from anti-trust and other constraints to promote collaboration – A real-time vehicle to enable secure, trusted, candid conversations and situational awareness

Discussion