Official Comment Form Cyber Attack Task Force Draft Final ReportPlease use this form to submit comments on the proposed Cyber Attack Task Force Draft Final Report (is included in the same email as this comment form).

Comments must be submitted by February 8, 2012. You may submit the completed Microsoft Word form by e-mail to sgcomments@nerc.net with the words “Cyber Attack Task Force Draft Final Report Comment Form” in the subject line. Only comments submitted in Microsoft Word format using this comment form will be accepted. Red-line document changes, PDF versions of this document, or email comments will NOT be accepted.

Comments may be submitted by individuals or groups.

If the comments are from an individual, please provide the contact information for the submitter in Information Table 1, and provide the requested affiliation information in Information Table 2.

If the comments are from a group, please provide the contact information for the leader of the group in Information Table 1, the requested affiliation information in Information Table 2, and a list of all group participants in Information Table 3.

Note: If you need to add a row to the table below please select Table from the above toolbar than Insert “Row Above” or “Row Below.”

If you have any questions on the subject information, please contact Scott Mix at Scott.Mix@nerc.net.

Information Table 1Individual Commenter or Group Leader Contact Information

Name:      

Entity Name:      

Telephone:      

E-mail:      

Information Table 2

Select each NERC Region that you represent: Select each Industry Segment that you represent:

ERCOT

FRCC

MRO

NPCC

RFC

SERC

SPP

WECC

NA – Not Applicable

1 — Transmission Owners

2 — RTOs, ISOs

3 — Load-serving Entities

4 — Transmission-dependent Utilities

5 — Electric Generators

6 — Electricity Brokers, Aggregators, and Marketers

7 — Large Electricity End Users

8 — Small Electricity End Users

9 — Federal, State, and Provincial Regulatory or other Government Entities

10 — Regional Reliability Organizations and Regional Entities

NA – Not Applicable

Official Comment Form Cyber Attack Task Force Draft Final Report

Information Table 3

Group Comments (Complete this page if comments are from a group.)Group Name:      

Additional Member Name Additional Member Entity Name Region(s) Segment(s)

                       

                       

                       

                       

                       

                       

                       

                       

                       

                       

                       

                       

                       

                       

Official Comment Form Cyber Attack Task Force Draft Final Report

Enter All Comments in the tables below. Red-line Changes will not be accepted. Submit this form in Microsoft Word format only.

There are three sections provided for your use to submit comments on this guideline.

The first section poses some specific questions that the Cyber Attack Task Force for which the members requests responses.

The second section is a table used to provide general comments on the guideline. These general comments should not reference a specific section or page in the guideline, but rather, should be overall comments on the guideline or concepts in the guideline, and may include repeating comments that are applicable to a number of sections.

The third section is used to provide comments to specific sections of the guideline, such as spelling, punctuation or word usage comments, as well as to provide specific comments to concepts on the indicated page and line of the guideline. When performing the review, please use the “clean version (not any “redline” versions) of the document in order to ensure consistently in provided comments from multiple commenters.

Please provide sufficient information in your comments to allow the working group to understand the issue being commented upon, and provide suggested changes to the guideline that the working group may use to update the guideline.

Official Comment Form Cyber Attack Task Force Draft Final Report

The CATF Report attempts to address the following particularly challenging topics and would like to confirm if these are of high interest to entities. Does the draft Report adequately addresses these topics or should they be further developed to provide more detailed guidance?

Defensive Capabilities / Deterrence Section and Appendix HCan you share any strategies on how to help mitigate or eliminate this risk?

Comments:      

Recommendations SectionAre there other recommendations that you feel should be included as part of the report?

Comments:      

Appendix E – Potential Responses to AttacksCan you think of other potential responses that should be included in the list? What has your company found to be particularly beneficial?

Comments:      

Appendix F – Local Indicators of an Unusual EventDo you have any examples of unusual event indicators from your experiences that can be shared with the CATF and considered for the report?Comments:      

What tools (software or hardware) or procedures do you find to be particularly helpful in spotting something wrong?

Comments:      

Official Comment Form Cyber Attack Task Force Draft Final Report

Appendix G – Isolation and Survivability TacticsHave you experienced any situations where you have had to isolate part of your information technology network? If so, did the tactics and actions you took differ from what is documented in Appendix G. What needs to be added?

Comments:      

Appendix H – Defensive CapabilitiesCan you share with the CATF any defensive strategies and capabilities used at your company both on the IT side as well as in the operations area? Also keep in mind, this is a coordinated cyber attack, don’t just think about the usual defensive measures.

Comments:      

Official Comment Form Cyber Attack Task Force Draft Final Report

Instructions for general comments:

Provide a description (or explanation) of your comments in the Comment column. Provide a proposed wording (or other) change in the proposed change column. The text in the proposed change column will be used by the

working group to update the document.

The first and last columns will be used by the working group during the comment resolution process, and should not be filled out on this comment form.

*Note: If you need to add a row to the table below please select Table from the above toolbar than Insert “Row Above” or “Row Below.”

Leave Blank

Comment Proposed Change

Comment resolution adopted by the

working/task group on each comment submitted

Official Comment Form Cyber Attack Task Force Draft Final Report

Instructions for specific comments on the text of the document:

Provide a page number and line number reference for each comment (page and line numbers are provided in the review version of the document). When referencing page and line numbers, refer to the “clean” version of the posted document. Please DO NOT refer to page and line numbers in “redline” versions of documents.

Identify each comment as either E (editorial), i.e., spelling, punctuation, formatting; or, T (technical) i.e., content changes. Provide a description (or explanation) of your comments in the Comment column. Provide a proposed wording (or other) change in the proposed change column. The text in the proposed change column will be used by the

working group to update the document.

The first and last columns will be used by the working group during the comment resolution process, and should not be filled out on this comment form.

*Note: If you need to add a row to the table below please select Table from the above toolbar than Insert “Row Above” or “Row Below.”

Leave Blank

Page Number

Line Number

Type of Comment (Editorial / Technical)

Comment Proposed Change

Comment resolution adopted by the

working/task group on each comment submitted

Official Comment Form Cyber Attack Task Force Draft Final Report

Leave Blank

Page Number

Line Number

Type of Comment (Editorial / Technical)

Comment Proposed Change

Comment resolution adopted by the

working/task group on each comment submitted

Official Comment Form Cyber Attack Task Force Draft Final Report

Leave Blank

Page Number

Line Number

Type of Comment (Editorial / Technical)

Comment Proposed Change

Comment resolution adopted by the

working/task group on each comment submitted

Official Comment Form Cyber Attack Task Force Draft Final Report

Leave Blank

Page Number

Line Number

Type of Comment (Editorial / Technical)

Comment Proposed Change

Comment resolution adopted by the

working/task group on each comment submitted

Official Comment Form Cyber Attack Task Force Draft Final Report

Leave Blank

Page Number

Line Number

Type of Comment (Editorial / Technical)

Comment Proposed Change

Comment resolution adopted by the

working/task group on each comment submitted

Official Comment Form Cyber Attack Task Force Draft Final Report