Presentation is loading. Please wait.

Presentation is loading. Please wait.

NERC Cyber Security Standards Pre-Ballot Review. Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action.

Published byCarter McBride Modified over 10 years ago

Similar presentations

Presentation on theme: "NERC Cyber Security Standards Pre-Ballot Review. Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action."— Presentation transcript:

1 NERC Cyber Security Standards Pre-Ballot Review

2 Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action Cyber Security Standards 1200 Joint US-Canada Task Force Report on the August 2003 Blackout National Infrastructure Protection Plan

3 General Numerous comments received on Draft 3 Comments focused on technical issues Comments represented industry consensus

4 General Ensured that requirements are clear and concise. Eliminated redundancy between the standards. Ensured that levels of noncompliance correctly align with the requirements and are auditable. Removed references to IAW/SOP

5 Definitions The definition of Critical Assets was changed to remove the references to large quantities of customers and significant risk to public health and safety. The new definition is Facilities, systems, and equipment which, if destroyed, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the Bulk Electric System.

6 CIP-002 Critical Cyber Asset Identification List of Required Critical Assets in Requirement 1 was removed. R1 divided into two requirements: R1. Critical Asset Identification Method and R2. Critical Asset Identification. (New R1 requires Responsible Entities to identify and document a risk-based assessment methodology that shall consider, at a minimum, certain assets as listed in the standard.) R2 requires Responsible Entities to apply the risk-based assessment methodology required in R1 to identify their lists of Critical Assets.

7 CIP-004 Personnel and Training The update period for Personnel Risk Assessment was extended to 7 years. The review period was changed to be consistent with the update period. Personnel risk assessments and training no longer need to be completed prior to permitting authorized cyber or authorized unescorted physical access; rather, they must be conducted within 90 calendar days of personnel being granted such access.

8 Other Changes of Significance CIP-003 – Security Management Controls –Provision for emergency situations –Removed test environment from Change Management CIP-005 – Electronic Security Perimeter(s) –Removed requirement for port scanning

9 Implementation Plan for Standards Implementation plan has been modified to recognize the time necessary to fully implement these standards. New phase of compliance has been added to the tables. Begin Work (BW) has been clarified to mean a Responsible Entity has developed and approved a plan to address the requirements of a standard, has begun to identify and plan for necessary resources, and has begun implementing the requirements.

10 Ballot Process Balloting opens Feb. 17 th for ten days Drafting Team will respond to any negative comments If necessary, recirculation balloting will be conducted Persons interested in voting must be registered to ballot pool by Feb. 17th

11 And now its time for your questions and comments. Larry Bugh Chair, Cyber Security Standards Drafting Team 330.580.8017 larry.bugh@rfirst.org

Download ppt "NERC Cyber Security Standards Pre-Ballot Review. Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action."

Similar presentations

Federal Energy Regulatory Commission July 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.

Federal Energy Regulatory Commission July Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.
NERC TPL Standard Issues TSS Meeting #146 Seattle, WA August 15-17, 2007 Chifong Thomas.

NERC TPL Standard Issues TSS Meeting #146 Seattle, WA August 15-17, 2007 Chifong Thomas.
NERC Reliability Readiness The Next Steps Mitch Needham NERC Readiness Evaluator September 24, 2007.

NERC Reliability Readiness The Next Steps Mitch Needham NERC Readiness Evaluator September 24, 2007.
NERC Critical Infrastructure Protection Advisory Group (CIP AG) Electric Industry Initiatives Reducing Vulnerability To Terrorism.

NERC Critical Infrastructure Protection Advisory Group (CIP AG) Electric Industry Initiatives Reducing Vulnerability To Terrorism.
Course Material Overview of Process Safety Compliance with Standards

Course Material Overview of Process Safety Compliance with Standards
CIP Version 5 Transition Guidance September 2013 Open-Webinar

CIP Version 5 Transition Guidance September 2013 Open-Webinar
STATUS OF BULK ELECTRIC SYSTEM DEFINITION PROJECT

STATUS OF BULK ELECTRIC SYSTEM DEFINITION PROJECT
CIP Cyber Security – Security Management Controls

CIP Cyber Security – Security Management Controls
PER-005-2.

PER
PER Update & Compliance Lessons Learned

PER Update & Compliance Lessons Learned
Key Reliability Standard Spot Check Frank Vick Compliance Team Lead.

Key Reliability Standard Spot Check Frank Vick Compliance Team Lead.
Allan Wick, CFE, CPP, PSP, PCI, CBCP Chief Security Officer WECC Joint Meeting October 8, 2014.

Allan Wick, CFE, CPP, PSP, PCI, CBCP Chief Security Officer WECC Joint Meeting October 8, 2014.
Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)

Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)
Gcpud1 CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP 002 - 009 CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP 002 - 009.

Gcpud1 CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP
Compliance Application Notice Process Update and Discussion with NERC MRC.

Compliance Application Notice Process Update and Discussion with NERC MRC.
Cyber Security Plan Implementation Presentation to CMBG Glen Frix, Duke Energy June 20, 2010 1.

Cyber Security Plan Implementation Presentation to CMBG Glen Frix, Duke Energy June 20,
Project 2008-06 Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings.

Project Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings.
Jeffery J. Gust IOWA INDUSTRIAL ENERGY GROUP FALL CONFERENCE Tuesday, October 14, 2014 MidAmerican Energy Company.

Jeffery J. Gust IOWA INDUSTRIAL ENERGY GROUP FALL CONFERENCE Tuesday, October 14, 2014 MidAmerican Energy Company.
Cyber Security Standard Workshop Status of Draft Cyber Security Standards Larry Bugh ECAR Standard Drafting Team Chair January 2005.

Cyber Security Standard Workshop Status of Draft Cyber Security Standards Larry Bugh ECAR Standard Drafting Team Chair January 2005.
Update in NERC CIP Activities June 5, 2014. 2 Update on CIP-014-1 Update on Revisions to CIP Version 5 –BES Cyber Asset Survey –Implementation Plan Questions.

Update in NERC CIP Activities June 5, Update on CIP Update on Revisions to CIP Version 5 –BES Cyber Asset Survey –Implementation Plan Questions.

Similar presentations

Ads by Google