Upload
imelda
View
18
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session. Long Beach, CA March 2005. Public Release. Topics. Cyber Security Standard CIP-001-009 Larry Bugh Government – Private Sector coordination Pat Laird - PowerPoint PPT Presentation
Citation preview
Critical Infrastructure Protection Committee Report to
NERC Standing Committeesin Joint Session
Long Beach, CA
March 2005
Public Release
2
Topics Cyber Security Standard CIP-001-009
Larry Bugh Government – Private Sector coordination
Pat Laird National Infrastructure Protection Plan
Jim McGlone National Response Plan
Jim McGlone Electricity Sector Info Sharing Analysis Center
Lou Leffler
3
Cyber Security Standard CIP-001-009
● 61 sets of comments on Draft 2 DT met Mar. 3/4 to review 2 Tech Editors now on board
● DT meets again Mar. 21/22 Review total package Finalize Draft 3 Finalize draft 2 Implementation Plan
4
Cyber Security Standard CIP-001-009
● Major Areas of work Refine definitions Resolve consistency Match Requirements & measures Extend Implementation Plan
● Anticipate posting Draft 3 Apr. 15th
5
Government – Private Sector Coordination
● Homeland Security Presidential Directive – 7
● Department of Homeland Security
● Sector Specific Agencies Energy: Department of Energy
● Private Sectors
● National Infrastructure Protection Plan
(Work in process)
7
Electricity Sector Coordinating Council
● CIP Committee Executive Committee
● President / CEO NERC
● Presented to DHS; awaiting expected affirmation
National Infrastructure Protection PlanNIPP
Jim McGlone
Department of Energy
National Response PlanNRP
Jim McGlone
Department of Energy
http://www.esisac.com
http://www. isaccouncil.org
12
Communications
Threat Advisory Listserv (TAL) Critical Infrastructure Protection
Information System (CIPIS) Homeland Security Information Network
(under development) US-CERT Portal Telephone and conference calls GETS
13
REPORT INCIDENTS TO 1. LOCAL LAW ENFORCEMENT (Establish and maintain relationship.)
2. LOCAL FBI, PSEPC, RCMP, USSS (Establish and maintain relationship.)
3. ESISAC secure messaging: https://www.nerc.net/cip email: [email protected] tel: 609-452-1422 (anytime) fax: 609-452-9550 (day)
4. National Infrastructure Coordination Center (DHS IAIP) secure messaging: https://www.nerc.net/cip email: [email protected] tel: 202-282-9201 fax: 703-487-3570
14
15
Reports:
● From the ES,
● Together with other critical infrastructures,
● And intelligence sources:
May help the DHS to:
16
1. Does the ESISAC have your 24x7 contact? Are there multiple contact points and communications available?
2. Is a security decision-making process in place?3. How will your organization’s physical and cyber
security decision-makers get notified? Are there backup communications?
4. Is there a means in place to communicate decisions to action-takers? A backup?
5. Consider responses in accordance with the “Threat Alert Systems and Physical / Cyber Response Guidelines for the Electricity Sector”.
Some Things to Think About
17
Activities
● Back Up Location for ESISAC
● Telecommunications Electric Service Priority (TESP) program
● TopOff – 3
TY