Presentation is loading. Please wait.

Presentation is loading. Please wait.

CIPC Executive Committee Update

Published byLesley Barrett Modified over 6 years ago

Similar presentations

Presentation on theme: "CIPC Executive Committee Update"— Presentation transcript:

1 CIPC Executive Committee Update
Public Release CIPC Executive Committee Update CIPC Meeting Washington DC June 9, 2005 Stuart Brindley CIPC Chair

2 CIPC Executive Committee
Chair Stuart Brindley (IESO, CEA) Vice-Chair Larry Bugh (ECAR) Vice-Chair Pat Laird (Exelon) Cyber Jamey Sample (Cal-ISO) Physical Bob Canada (Southern Co.) Operations Roger Lampila (NY-ISO) Policy Barry Lawson (NRECA) Secretary Lou Leffler (NERC) Executive Committee 2-year terms end December 2005 Need to “refresh” commitments of all CIPC members - letter to NERC Regional Managers later this year opportunity for greater Owner/Operator involvement

3 CIPC Nominating TF Bob Canada SERC Larry Dolci SPP Tom Glock WECC
Mike Hyland APPA Roger Lampila NPCC

4 CIPC Executive Committee Activities
NERC Board Highlights - May 2 Stakeholder meeting and May 3 Board of Trustees meeting US/Canada Outage TF Recommendations Established the Electricity Sector Coordinating Council (ESCC) and the Government Coordinating Council (GCC) ESCC = NERC President & CEO plus CIPC Executive Committee GCC = DoE lead, plus DHS, FERC Public messaging

5 Critical Infrastructure Protection Committee Update
Stakeholders Committee May 2, 2005

6 Key CIPC Initiatives Complete actions to address the US-Canada Outage TF Recommendations by end-2005 Continue to support the development of the Permanent cyber security standard Plan to support implementation New and revised Security Guidelines and White Papers Contribute to DHS’ National Infrastructure Protection Plan Reach-out within our industry, and to other sectors

7 Key CIPC Initiatives (cont’d)
DHS Plan for Sector Engagement NERC is the Electricity Sector Coordinating Council CIPC’s Executive Committee President/CEO NERC Government Energy Coordinating Council DOE, DHS, FERC, possibly others April 20, 2005 inaugural meeting “One-stop shop” to address strategic issues

8 DHS Plan for Sector Engagement
Electricity

9 Electricity and Telecommunications Interdependencies
Engaged with Telecom and Electric Power Interdependency Task Force Task force reports to the President’s National Security Telecom Advisory Committee Topics include Situational awareness Incident management Restoration priorities - electricity and telecom Well-established local relationships Inter-sector exercises Paper by late Summer 2005

10 New Security Guidelines Critical Infrastructure Protection Committee
Board of Trustees May 3, 2005

11 Control Systems Security
New guidelines for BoT approval Patch Management for Control Systems Control Systems to Business Network Electronic Connectivity Why are they necessary? US-Canada Outage TF Recommendations related to cyber security White paper prepared by CIPC’s Control Systems Security Working Group - “Common Vulnerabilities of Control Systems” Increased industry and government awareness to control systems security; DOE Lab demos Support the Urgent Action and Permanent cyber security standards

12 Development Process Development began Q by CIPC’s Control Systems Security Working Group March 2005, agreed to fast-track During April final draft to CIPC members conducted Webex conference call to review conducted vote

13 Patch Management for Control Systems
How to keep control systems software current and secure Complexities associated with maintaining high availability required of control systems Key steps Maintain asset inventory Notification of new vulnerabilities Assess risks of new vulnerabilities Test and implement

14 Control Systems to Business Network Electronic Connectivity
How to secure control systems from the vulnerabilities introduced when connected to business systems Key steps Identify inventory and information flows User authentication Defence in depth Control and monitor access

15 Results of Vote Quorum established, both passed
Patch Management for Control Systems (85.1%) Control Systems to Business Network Electronic Connectivity (74.0%) Reasons for “no” votes: Generally, “more time to get it right” Some concerns with “the speeded-up process”, rather than “content” Language needs even further emphasis of non-mandatory nature Definitions presume those in latest draft of Permanent Cyber Security Standard

16 US/Canada Outage TF Recommendations
Final Task Force report expected June-05 (Canadian government assigned task of coordinating response to Security-related recommendations) Since Jan-05, several conference calls: CIPC EC and government (DOE, DHS, NRCan, PSEPC) CEA and Canadian government mid-Jan-05, provided CIPC members with a table of security recommendations and actions Table has since been updated to reflect recent CIPC Work Plan accomplishments CIPC commitments compete, or on-target

17 ESCC and GCC

18 ESCC and GCC “Inaugural” meeting April 20 Topics:
ESCC: Gent, Brindley, Leffler, Canada, Lampila, Lawson (Johnson, Hyland, Brown invited as observers) GCC: De Alvarez, Friedman, Kenchington, Caverley, Carrier plus ~10 others Topics: Interim NIPP: Energy Sector-Specific plan provided to ESCC Targeting to provide comments by Jul-05 Don’t forget value of response/recovery Protecting information (CEII, PCII) National Asset Database ESCC position: Continue to question the need for government to have a list of infrastructure assets.

19 ESCC and GCC (cont’d) FACA requirements (Federal Advisory Committee Act) Formal recognition that ESCC provides advice to government But FACA requires open and public disclosure Brindley, Laird participating in Sector Partnership Model Working Group, reporting to NIAC…lawyers deliberating… HSIN Status Need to map information flows - who gets what Technology Roadmap

20 Are we getting that message out to help manage public perceptions?
Public Messaging Our industry is doing a lot to manage threats to our critical infrastructure. Are we getting that message out to help manage public perceptions?

21 Key Messages - Readiness
We take an all-hazards, all-threats approach to security and emergency preparedness Natural threats Man-made threats (cyber & physical attacks) Not just recovery, but mitigation and prevention Tested through drills and exercises Keep government informed - recovery Key Messages - Experience During the [Blackout]…draw on local experiences

22 Key Messages - US/Canada Blackout TF Recommendations
Identify those systems critical to supporting the reliability of the grid Secure the perimeter to those systems Manage and monitor access to those systems Screen and train staff Conducting vulnerability assessments to ensure appropriate measures are in-place … and we were already meeting many of these ... and we’re working to improve and exceed

23 Key Messages - Our Biggest Challenge?
Maintaining and raising awareness Address today’s threats Keeping aware of emerging threats Fill in the blanks: What are your vulnerabilities? What are you doing about them?

24 Key Messages - the Stump Question
The Question: “So what about all those people saying how vulnerable the grid is?” The Answer: From my own experience… We have taken action The industry is taking action … but “never say never”

25 Public Messaging: Go-Forward
Public statements need to be situation-dependent CIPC Exec Ctee and NERC staff as resources Brindley/Laird/Bugh/Leffler Ellen Vancko, NERC Director - Communications & Government Affairs

Download ppt "CIPC Executive Committee Update"

Similar presentations

Reliability Center Data Request Task Force Report WECC Board Meeting April 2009.

Reliability Center Data Request Task Force Report WECC Board Meeting April 2009.
NERC CIPC March 16, 2006 Roadmap to Secure Control Systems in the Energy Sector U.S. Department of Energy Office of Electricity Delivery and Energy Reliability.

NERC CIPC March 16, 2006 Roadmap to Secure Control Systems in the Energy Sector U.S. Department of Energy Office of Electricity Delivery and Energy Reliability.
Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)

Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)
WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.

WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.
CIPC Executive Committee Update CIPC Meeting Washington DC June 9, 2005 Stuart Brindley CIPC Chair Public Release.

CIPC Executive Committee Update CIPC Meeting Washington DC June 9, 2005 Stuart Brindley CIPC Chair Public Release.
NERC and Regional Efforts to Ensure Reliability Dave Nevius, NERC Sr. VP David Cook, NERC VP & General Counsel Louise McCarren, WECC CEO Don Benjamin,

NERC and Regional Efforts to Ensure Reliability Dave Nevius, NERC Sr. VP David Cook, NERC VP & General Counsel Louise McCarren, WECC CEO Don Benjamin,
Averting Disaster - Grid Reliability Issues and Standards National Energy Restructuring Conference April 1, 2004 Washington, DC.

Averting Disaster - Grid Reliability Issues and Standards National Energy Restructuring Conference April 1, 2004 Washington, DC.
K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss

K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss
CIPC Executive Comittee Update CIPC Conference Call September 16, 2004 Stuart Brindley CIPC Chair CIPC Confidentiality - Public.

CIPC Executive Comittee Update CIPC Conference Call September 16, 2004 Stuart Brindley CIPC Chair CIPC Confidentiality - Public.
Federal Energy Regulatory Commission June 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.

Federal Energy Regulatory Commission June Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.
Nuclear Power Plant/Electric Grid Regulatory Coordination and Cooperation - ERO Perspective David R. Nevius and Michael J. Assante 2009 NRC Regulatory.

Nuclear Power Plant/Electric Grid Regulatory Coordination and Cooperation - ERO Perspective David R. Nevius and Michael J. Assante 2009 NRC Regulatory.
CRITICAL INFRASTRUCTURE PROTECTION COMMITTEE. 2 Group carried over from ECAR, MAAC, & MAIN workgroups that were assembled to address 1200 Urgent Action.

CRITICAL INFRASTRUCTURE PROTECTION COMMITTEE. 2 Group carried over from ECAR, MAAC, & MAIN workgroups that were assembled to address 1200 Urgent Action.
Security Guidelines Working Group Update CIPC Meeting Phoenix, AZ Mar 16, 2006 Seiki Harada SGWG Chair CIPC Confidentiality: Public Release.

Security Guidelines Working Group Update CIPC Meeting Phoenix, AZ Mar 16, 2006 Seiki Harada SGWG Chair CIPC Confidentiality: Public Release.
Implementing the New Reliability Standards Status of Draft Cyber Security Standards CIP-002-1 through CIP-009-1 Larry Bugh ECAR Standard Drafting Team.

Implementing the New Reliability Standards Status of Draft Cyber Security Standards CIP through CIP Larry Bugh ECAR Standard Drafting Team.
CIPC Executive Committee Update CIPC Meeting Denver CO September 29, 2005 Stuart Brindley CIPC Chair Public Release.

CIPC Executive Committee Update CIPC Meeting Denver CO September 29, 2005 Stuart Brindley CIPC Chair Public Release.
1 Crisis Response Task Force (CRTF) Proposal Tom Bowe (Chairman) CSO, PJM Interconnection Scott Heffentrager (Temp. Chairman) Physical Security.

1 Crisis Response Task Force (CRTF) Proposal Tom Bowe (Chairman) CSO, PJM Interconnection Scott Heffentrager (Temp. Chairman) Physical Security.
FERC’s New Reliability Initiatives Kevin Kelly Director, Policy Analysis, OMTR Federal Energy Regulatory Commission NARUC Annual Meeting Nashville, TN.

FERC’s New Reliability Initiatives Kevin Kelly Director, Policy Analysis, OMTR Federal Energy Regulatory Commission NARUC Annual Meeting Nashville, TN.
CIP Program Highlights Member Representatives Committee October 28, 2008 Michael Assante, CSO

CIP Program Highlights Member Representatives Committee October 28, 2008 Michael Assante, CSO
Control Systems Security Working Group Report CIPC Meeting Denver, CO September 2005 Tom Flowers Public Release.

Control Systems Security Working Group Report CIPC Meeting Denver, CO September 2005 Tom Flowers Public Release.
Actions Affecting ERCOT Resulting From The Northeast Blackout ERCOT Board Of Directors Meeting April 20, 2004 Sam Jones, COO.

Actions Affecting ERCOT Resulting From The Northeast Blackout ERCOT Board Of Directors Meeting April 20, 2004 Sam Jones, COO.

Similar presentations

Ads by Google