Presentation is loading. Please wait.

Presentation is loading. Please wait.

Project 2008-06 Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings.

Published byDrusilla Paul Modified over 9 years ago

Similar presentations

Presentation on theme: "Project 2008-06 Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings."— Presentation transcript:

1 Project 2008-06 Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings

2 Ballot Results CIP-002-5 Cyber SecurityQuorum: 93.62% Approval: 22.09% CIP-003-5 Cyber SecurityQuorum: 93.62% Approval: 33.49% CIP-004-5 Cyber SecurityQuorum: 93.62% Approval: 26.82% CIP-005-5 Cyber SecurityQuorum: 93.62% Approval: 28.04% CIP-006-5 Cyber SecurityQuorum: 93.61% Approval: 29.60% CIP-007-5 Cyber SecurityQuorum: 93.61% Approval: 24.15% CIP-008-5 Cyber SecurityQuorum: 94.02% Approval: 34.30% CIP-009-5 Cyber SecurityQuorum: 93.61% Approval: 27.28% CIP-010-5 Cyber SecurityQuorum: 93.61% Approval: 26.61% CIP-011-5 Cyber SecurityQuorum: 93.61% Approval: 29.88% CIP V5 Implementation PlanQuorum: 92.15% Approval: 42.06% CIP V5 DefinitionsQuorum: 92.56% Approval: 25.34%

3  The drafting team will consider all comments and determine what changes to make to each of the standards, the implementation plan, and the definitions.  After the drafting team has revised the standards, they will be submitted, along with the team’s Consideration of Comments, for quality review and subsequently posted for a successive ballot.

4 Consideration of comments January 6 – March 26 30-day posting for comment and successive ballot March 26 – April 27 Possible Recirculation ballot June 6–22

5  Critical assets  Replaced by CIP-002 Attachment 1 and BES Reliability Operating Services definition  Critical cyber assets  Replaced by BES Cyber Asset and BES Cyber System  Physical security perimeter  Replaced by Defined Physical Boundary  No more “six-wall” specification

6  Cyber Assets Programmable electronic devices including the hardware, software, and data in those devices  BES Cyber Asset A Cyber Asset that if rendered unavailable, degraded, or misused would, within 15 minutes of its operation, mis- operation, or non-operation, when required, adversely impact one or more BES Reliability Operating Services  BES Cyber System One or more BES Cyber Assets that are typically grouped together, logically or physically, to operate one or more BES Reliability Operating Services  Largely replaces Critical Cyber Asset  Provides an opportunity for controls to be applied at a system level

7  High Impact ◦ Large Control Centers ◦ CIP-003 through 009+  Medium Impact ◦ Generation and Transmission ◦ Other Control Centers ◦ Similar to CIP-003 to 009 v4  All other BES Cyber Systems ◦ Security Policy ◦ Security Awareness ◦ Incident Response ◦ Boundary Protection

8  Categorized list of High and Medium Impact  Attachment 1 criteria  Other BES Cyber Systems deemed to be Low Impact by default  Update required lists for significant changes to BES that affect High/Medium categorization  Senior manager or delegate annual review and approval

9  CIP-003-5 was reorganized to only include elements of policy and cyber security program governance. ◦ Elements that addressed Change Control and Configuration Management were moved to CIP- 010-5 ◦ Elements that address Information Protection were moved to CIP-011-5

10 CIP-004-5 Summary of Modifications (1/2)  Training ◦ Addition of visitor control program ◦ Reorganization of requirements into the respective requirements for “program” and “implementation” of the training.  Personnel Risk Assessment ◦ Changed to only initial identity verification ◦ Now includes documenting the processes used to determine when to deny access ◦ Reorganization of requirements into the respective requirements for “program” and “implementation”

11 CIP-004-5 Summary of Modifications (2/2)  Authorization ◦ Consolidated authorization and review requirements from CIP-003-4, CIP-004-4, CIP- 006-4 and CIP-007-4 ◦ Allow quarterly and annual reviews to find and fix problems rather than self-report everything as a violation  Revocation ◦ Remove ability to access BES Cyber System when access no longer needed

12  Define ‘External Connectivity’ for scope modification  Focus on ‘Electronic Access Points’ vs. ESP  Require IDS at Control Centers  Add clarity to ‘secure’ dialups  Consolidated Monitoring and Vulnerability Assessment Requirements in CIP-007 and CIP-011 respectively  Removed Appropriate Use Banner  Incorporated CIP-005-4 Urgent Action revisions

13 CIP-006-5 Summary of Modifications  Physical Security Program ◦ Must define the operational or procedural controls to restrict physical access ◦ Removed current “6 wall” wording to instead require Defined Physical Boundary ◦ For High Impact, added the need to utilize two or more different and complementary physical access controls to restrict physical access ◦ Testing changed to a 24 month cycle with ongoing discussions of different cycles based on environment.

14  Addition of physical I/O port requirement  Security Patch management source requirement  Non-prescriptive malware requirement  Security Event Monitoring failure handling  Bi-weekly log summary/sampling reviews

15  Simplified access-control requirements, removed TFE language while strengthening password requirements  Added requirement for maintenance devices  Consolidated vulnerability assessment in CIP- 010-5  Disposal requirement moved to CIP-011-5

16  Defined Reportable Cyber Security Incident for clearer  Working to harmonize with EOP-004-2  Includes additional specification on update and lessons learned associated with the response plan.

17  Added requirement to implement the response plan.  Verification of backup media information prior to storage  Preservation of data for analysis

18  Consolidates all references to Configuration Change Management and Vulnerability Assessments. ◦ Previously these requirements were dispersed throughout CIP-003-4, CIP-005-4, and CIP-007-4

19  Consolidates all references to Information Protection and Media Sanitization. ◦ Previously these requirements were dispersed throughout CIP-003-4 and CIP-007-4  Requirements for authorization and revocation of access to BES Cyber System Information moved to CIP-004-5.  Shifts the focus of the requirements for media sanitization from the Cyber Asset to the information itself.

20  18 Months Minimum – The standards shall become effective on the later of January 1, 2015, or the first calendar day of the seventh calendar quarter after the date of the order providing applicable regulatory approval. Notwithstanding any order to the contrary, CIP-002-4 through CIP-009-4 do not become effective, and CIP-002- 3 through CIP-009-3 remain in effect and are not retired until the effective date of the Version 5 CIP Cyber Security Standards under this implementation plan.  In jurisdictions where CIP-002-4 through CIP-009-4 have not yet become effective according to their implementation plan (even if approved by order), this implementation plan and the Version 5 CIP Cyber Security Standards supersede and replace the implementation plan and standards for CIP-002-4 through CIP-009-4.

21

Download ppt "Project 2008-06 Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings."

Similar presentations

NERC Cyber Security Standards Pre-Ballot Review. Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action.

NERC Cyber Security Standards Pre-Ballot Review. Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action.
Federal Energy Regulatory Commission July 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.

Federal Energy Regulatory Commission July Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.
CIP Cyber Security – Security Management Controls

CIP Cyber Security – Security Management Controls
Q1 Q – The data retention period for Standards CIP-002 to CIP-009 versions 2 and 3 state: “The Responsible Entity shall keep all documentation and records.

Q1 Q – The data retention period for Standards CIP-002 to CIP-009 versions 2 and 3 state: “The Responsible Entity shall keep all documentation and records.
Allan Wick, CFE, CPP, PSP, PCI, CBCP Chief Security Officer WECC Joint Meeting October 8, 2014.

Allan Wick, CFE, CPP, PSP, PCI, CBCP Chief Security Officer WECC Joint Meeting October 8, 2014.
Update in NERC CIP Activities September 4, 2014. 2 Update on CIP-014-1 Update on Revisions to CIP Version 5  -x Posting  v6 Posting Questions Agenda.

Update in NERC CIP Activities September 4, Update on CIP Update on Revisions to CIP Version 5  -x Posting  v6 Posting Questions Agenda.
Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)

Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)
JEFF WILLIAMS INFORMATION SECURITY OFFICER CALIFORNIA STATE UNIVERSITY, SACRAMENTO Payment Card Industry Data Security Standard (PCI DSS) Compliance.

JEFF WILLIAMS INFORMATION SECURITY OFFICER CALIFORNIA STATE UNIVERSITY, SACRAMENTO Payment Card Industry Data Security Standard (PCI DSS) Compliance.
NERC Lessons Learned Summary December 2014. NERC lessons learned published in December 2014 Three NERC lessons learned (LL) were published in December.

NERC Lessons Learned Summary December NERC lessons learned published in December 2014 Three NERC lessons learned (LL) were published in December.
State of Standards and Standards in Development Sean Cavote, Manager of Standards Development WECC Operating Committee Meeting March 26, 2015.

State of Standards and Standards in Development Sean Cavote, Manager of Standards Development WECC Operating Committee Meeting March 26, 2015.
1 Compliance Guidance for Initial Compliance Review Dates Lew Folkerth 2Q2010 Webinar June 22, 2010.

1 Compliance Guidance for Initial Compliance Review Dates Lew Folkerth 2Q2010 Webinar June 22, 2010.
Darren T. Nielsen, M.Ad., CISA, CPP, PCI, PSP, CBRA, CBRM Senior Compliance Auditor, Cyber Security Salt Lake City, UT Office CIP-006 V3 to CIP-006 V5.

Darren T. Nielsen, M.Ad., CISA, CPP, PCI, PSP, CBRA, CBRM Senior Compliance Auditor, Cyber Security Salt Lake City, UT Office CIP-006 V3 to CIP-006 V5.
WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.

WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.
Cyber Security Plan Implementation Presentation to CMBG Glen Frix, Duke Energy June 20, 2010 1.

Cyber Security Plan Implementation Presentation to CMBG Glen Frix, Duke Energy June 20,
© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.

© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
SACM Terminology Nancy Cam-Winget, David Waltermire, March.

SACM Terminology Nancy Cam-Winget, David Waltermire, March.
Bryan J. Carr, PMP, CISA Compliance Auditor, Cyber Security

Bryan J. Carr, PMP, CISA Compliance Auditor, Cyber Security
1. 11/26/2012: NERC Board of Trustees adopted CIP v5 CIP-002-5 thru CIP-009-5 CIP-010-1 and CIP-011-1 Version 5 Filing FERC requested filing by 3/31/2013.

1. 11/26/2012: NERC Board of Trustees adopted CIP v5 CIP thru CIP CIP and CIP Version 5 Filing FERC requested filing by 3/31/2013.
CIP Version 5 Update OC Meeting November 7, 2013.

CIP Version 5 Update OC Meeting November 7, 2013.

Similar presentations

Ads by Google