Download - Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session
![Page 1: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/1.jpg)
Critical Infrastructure Protection Committee Report to
NERC Standing Committeesin Joint Session
Long Beach, CA
March 2005
Public Release
![Page 2: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/2.jpg)
2
Topics Cyber Security Standard CIP-001-009
Larry Bugh Government – Private Sector coordination
Pat Laird National Infrastructure Protection Plan
Jim McGlone National Response Plan
Jim McGlone Electricity Sector Info Sharing Analysis Center
Lou Leffler
![Page 3: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/3.jpg)
3
Cyber Security Standard CIP-001-009
● 61 sets of comments on Draft 2 DT met Mar. 3/4 to review 2 Tech Editors now on board
● DT meets again Mar. 21/22 Review total package Finalize Draft 3 Finalize draft 2 Implementation Plan
![Page 4: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/4.jpg)
4
Cyber Security Standard CIP-001-009
● Major Areas of work Refine definitions Resolve consistency Match Requirements & measures Extend Implementation Plan
● Anticipate posting Draft 3 Apr. 15th
![Page 5: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/5.jpg)
5
Government – Private Sector Coordination
● Homeland Security Presidential Directive – 7
● Department of Homeland Security
● Sector Specific Agencies Energy: Department of Energy
● Private Sectors
● National Infrastructure Protection Plan
(Work in process)
![Page 6: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/6.jpg)
![Page 7: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/7.jpg)
7
Electricity Sector Coordinating Council
● CIP Committee Executive Committee
● President / CEO NERC
● Presented to DHS; awaiting expected affirmation
![Page 8: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/8.jpg)
National Infrastructure Protection PlanNIPP
Jim McGlone
Department of Energy
![Page 9: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/9.jpg)
National Response PlanNRP
Jim McGlone
Department of Energy
![Page 10: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/10.jpg)
http://www.esisac.com
![Page 11: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/11.jpg)
http://www. isaccouncil.org
![Page 12: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/12.jpg)
12
Communications
Threat Advisory Listserv (TAL) Critical Infrastructure Protection
Information System (CIPIS) Homeland Security Information Network
(under development) US-CERT Portal Telephone and conference calls GETS
![Page 13: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/13.jpg)
13
![Page 14: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/14.jpg)
REPORT INCIDENTS TO 1. LOCAL LAW ENFORCEMENT (Establish and maintain relationship.)
2. LOCAL FBI, PSEPC, RCMP, USSS (Establish and maintain relationship.)
3. ESISAC secure messaging: https://www.nerc.net/cip email: [email protected] tel: 609-452-1422 (anytime) fax: 609-452-9550 (day)
4. National Infrastructure Coordination Center (DHS IAIP) secure messaging: https://www.nerc.net/cip email: [email protected] tel: 202-282-9201 fax: 703-487-3570
14
![Page 15: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/15.jpg)
15
Reports:
● From the ES,
● Together with other critical infrastructures,
● And intelligence sources:
May help the DHS to:
![Page 16: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/16.jpg)
16
1. Does the ESISAC have your 24x7 contact? Are there multiple contact points and communications available?
2. Is a security decision-making process in place?3. How will your organization’s physical and cyber
security decision-makers get notified? Are there backup communications?
4. Is there a means in place to communicate decisions to action-takers? A backup?
5. Consider responses in accordance with the “Threat Alert Systems and Physical / Cyber Response Guidelines for the Electricity Sector”.
Some Things to Think About
![Page 17: Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session](https://reader035.vdocuments.site/reader035/viewer/2022081520/56814907550346895db63ccd/html5/thumbnails/17.jpg)
17
Activities
● Back Up Location for ESISAC
● Telecommunications Electric Service Priority (TESP) program
● TopOff – 3
TY