18
Kenath Carver Manager, CIP Compliance Monitoring Foundations of Critical Infrastructure Protection (CIP) Meeting Title Date
Kenath Carver
Manager, CIP Compliance Monitoring
Foundations of
Critical Infrastructure Protection (CIP)
Meeting Title
Date
2
Antitrust Admonition
Texas Reliability Entity, Inc. (Texas RE) strictly prohibits persons
participating in Texas RE activities from using their participation
as a forum for engaging in practices or communications that
violate antitrust laws. Texas RE has approved antitrust
guidelines available on its web site. If you believe that antitrust
laws have been violated at a Texas RE meeting, or if you have any
questions about the antitrust guidelines, please contact the Texas
RE General Counsel.
Reliability 101
July 29, 2020
3
Slido Question #1
Has working remotely changed your
organization’s approach to cyber
security?
Sli.do
#TexasRE101
Reliability 101
July 29, 2020
Kenath Carver
Manager, CIP Compliance Monitoring
Foundations of
Critical Infrastructure Protection (CIP)
Meeting Title
Date
5
Critical Infrastructure Sectors
ChemicalCommercial Facilities
CommunicationsCritical Manufacturing
DamsDefense Industrial Base
Emergency Services
Energy
Financial ServicesFood and Agriculture
Government Facilities
Healthcare and Public Health
Information Technology
Transportation Systems
Nuclear Reactors, Materials, and Waste
Water and Wastewater Systems
Reliability 101
July 29, 2020
6
Critical Infrastructure Protection
Reliability 101
July 29, 2020
7
Cyber Assets
Reliability 101
July 29, 2020
8
Sli.do (#TexasRE101)
Which of the following is a type of Cyber Asset?
A. Temperature Control Panel
B. Programmable Logic Controller
C. SCADA
D. All of the above
Reliability 101
July 29, 2020
9
Bulk Electric System (BES) Cyber Assets
Servers
• Application
• Data
• ICCP
Human Machine Interface (HMI) Workstations
Data
• Acquisition
• Interchange
Computer Networking
Communication Processing
Precision Time Device
Reliability 101
July 29, 2020
10
BES Cyber Assets
Intelligent Electronic
Devices (IED)
Protective Relay
Remote Terminal Unit
(RTU)
Programmable Logic
Controllers (PLC)
Data Concentrator
Meter / Indicator
Tap Changer
Reliability 101
July 29, 2020
11
Associated Cyber Assets
• File Servers
• LAN Switches
• Printers
• Digital Fault Recorders
• Emission Monitoring Systems
Protected Cyber Assets (PCA)
• Authentication Servers
• Security Event Monitoring Systems
• Intrusion Detection Systems
Electronic Access Control or Monitoring
Systems (EACMS)
• Card Systems
• Badge Control Systems
• Intrusion Detection Systems
Physical Access Control Systems
(PACS)
Reliability 101
July 29, 2020
12
Sli.do (#TexasRE101)
Intrusion detection systems are which type of Cyber Asset?
A. Protected Cyber Asset (PCA)
B. Electronic Access Control or Monitoring System (EACMS)
C. Physical Access Control System (PACS)
D. Both B and C
Reliability 101
July 29, 2020
13
Today
CIP-002-5.1a CIP-003-8 CIP-004-6 CIP-005-5 CIP-006-6
CIP-007-6 CIP-008-5 CIP-009-6 CIP-010-2 CIP-011-2
CIP-014-2Compliance
GuidanceNERC Glossary
Reliability 101
July 29, 2020
14
The Near Future
Supply Chain Risk Management
Vendor Remote AccessCommunications Between Control
CentersCloud Computing
VirtualizationCyber Security
Incidents
Reliability 101
July 29, 2020
15
Threats
Increasing Threat to Industrial Control Systems
• Original release date: October 25, 2012
Alert (ICS-ALERT-12-046-01A)
Cyber-Attack Against Ukrainian Critical Infrastructure
• Original release date: February 25, 2016
Alert (IR-ALERT-H-16-056-01)
Intrusions Affecting Multiple Victims Across Multiple Sectors
• Original release date: April 27, 2017
Alert (TA17-117A)
Indicators Associated With WannaCry Ransomware
• Original release date: May 15, 2017
Alert (ICS-ALERT-17-135-01I)
Reliability 101
July 29, 2020
16
Threats
Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors
• Original release date: October 20, 2017
Alert (TA17-293A)
Meltdown and Spectre Vulnerabilities
• Original release date: January 11, 2018
Alert (ICS-ALERT-18-011-01)
Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors
• Original release date: March 15, 2018
Alert (TA18-074A)
Advanced Persistent Threat Activity Exploiting Managed Service Providers
• Original release date: October 03, 2018
Alert (TA18-276B)
Reliability 101
July 29, 2020
17
We Are In This Together
Reliability
Collaboration
Working Groups
Cyber Security Organizations
E-ISACGovernment
State
Security
Reliability 101
July 29, 2020
18
Questions?
Reliability 101
July 29, 2020
