CIPC Executive Comittee Update

1
CIPC Executive Comittee Update
CIPC Confidentiality - Public

• CIPC Conference Call
• September 16, 2004
• Stuart Brindley
• CIPC Chair

2
CIPC Executive Committee Activities

• Support to NERC Board
• 2005 Business Plan
• Strategic retreat
• CIPC Roles
• Work flow - developing security guidelines
• Monitor progress and resources of WG/TFs
• Seiki Harada replaces John Maguire on Standards
  Guidelines WG
• Relationship with governments
• Opportunities...

3
NERC 2005 Business Plan

• Recognizes need to increase scope and intensity
  of CIPC efforts
• Identified CIPC strategic objectives and major
  work items
• Includes additional NERC staff person dedicated
  to CIPC
• Request approval at October NERC Board meeting

4
CIPC Strategic Objectives - 2005

• Further develop ISAC capability
• Improve coordination and relationships with
  governments
• Develop National Infrastructure Protection Plan
• Develop methods to deter, mitigate and respond to
  attack
• Enhance SCADA and process control security
• Address cyber physical security Blackout
  recommendations

5
NERC Board Strategic Retreat

• From NERC Readiness Audits, develop a plan for
  identifying and communicating
• Best practices
• Commonly identified areas for improvement
• Update NERCs response plan in the event of a
  significant system disturbance or emergency event
• Coordinate NERC and FERC operator training
  studies
• Increase the intensity and commitment of
  stakeholder contributions to Committees
• Clarify the role of the Regions
• More proactive with governments - regulatory,
  security

6
CIPC Relationships Roles
14 ISACs Sector Coordinators ISAC Council
Federal, Provincial and State Governments
US Department of Homeland Security
(DHS) Department of Energy (DOE) Federal Energy
Regulatory Commission (FERC) Canada Public
Safety Emergency Preparedness Canada
(PSEPC) Natural Resources Canada (NRCan)
NERC Leadership Technical Steering Ctee Other
NERC Standing Ctees OC, PC, MC, etc
ELECTRICITY SECTOR ENTITIES
Utilities, Transmitters, Generators,
Distributors, Independent System/Market Operators
OPERATIONS
PHYSICAL AND CYBER SECURITY
EMERGENCY
MANAGEMENT
CRITICAL INFRASTRUCTURE PROTECTION
ELECTRIC
POWER
PHYSICAL
INFORMATION
PUBLIC HEALTH
SYSTEM
INFRASTRUCTURE
TECHNOLOGY
SAFETY
OPERATION
CIP Committee Roles
7
CIPC Work Flow - Security Guidelines
Executive Committee
Standards Guidelines WG
NERC Staff
CIPC Members
Working Group/Task Force
Identify need
Prioritize assign to Working Group/Task Force
Within days
Prepare scope and identify resources
1 week
Within days
Approve scope resources
Review scope
As versions developed
Facilitate meetings conference calls
Prepare content draft
Review content draft
Scope-dependent
Coordinate review of other NERC Committees as
appropriate
Submit content draft for CIPC approval
Scope-dependent
CIPC approval of content draft

• Forward content draft to Standards Guidelines
  WG for
• consistency with existing Standards Guidelines
  
• final format

1 week
1 week
Prepare final draft
CIPC review and approval to forward to NERC Board
Post final document for public review
2 weeks
2 weeks
Prepare final document
8
Relationships with Governments

• Canada-US Outage TF report - prioritize actions
• DHS interface with NERC as Sector Coordinator,
  ESISAC, ISAC Council
• NERC President, CIPC Chair are Sector
  Coordinators
• Aug 31/04 meeting with senior DHS officials
  (NERC, EEI, AGA)
• Response to large-scale emergencies (eg.
  Blackout, hurricanes)
• Multi-national CIP initiative - assess
  opportunity
• industry and governments
• Australia, New Zealand, US, Canada

9
Canada-US Outage TF Report

• High visibility by governments - life of Task
  Force extended by 1 year
• 16 of 46 recommendations related to CIP
• many require coordination with other NERC
  Committees (esp. Operating and Planning)
• Actions underway within CIPC
• many during 2004
• some through 2005 and beyond

10
Sector Coordinators/ISAC Council

• Mission
• To advance the physical and cyber security of the
  critical infrastructures of North America by
  establishing and maintaining a framework for
  valuable interaction between and among the ISACs
  and with government

11
Sector Coordinator/ISAC Council Initiatives

• Single forum for DHS to interface with all 14
  critical infrastructure sectors
• whos who ?
• Include Sector-Specific Agencies (eg. DoE)
• Matrix project - sharing structure, scope of each
  ISAC
• Interdependency Task Force - proposed 3 tabletop
  exercises to DHS
• Media/Outreach - key public messages
  communicating what is being done
• Physical/Cyber - integrating these functions
• Emergency Notification System (ENS) and
  conference bridge in place

12
Opportunities...

• Improved coordination with government
• 2-way information sharing, risk assessment
• Industry outreach to the public regarding CIP
  threats and incidents as we did during the
  Blackout

13
Opportunities...

• Growing the ESISAC
• During response mode, cant just be NERC staff
• Leverage CIPC participants
• Subject matter expertise
• Getting the right resources, right away
• Coordinate with Operations
• Timely and effective support of government

14
Building the DHS Relationship

• August 31, 2004 Meeting
• Nebraska Ave.
• Washington DC

15
Participants

• DHS
• Bob Liscouski, Al Martinez-Fonts, Jim Caverley,
  Bill Flynn, Taralyn Riordon
• Electricity, Gas Sectors
• Stuart Brindley, Bob Canada, Pat Laird, Lyman
  Shaffer

16
Meeting Objectives

• Recognize successful initiatives with DHS
• Demonstrate the commitment of asset
  owner/operators, and support of industry
  associations
• NERC, EEI, AGA, others
• Sector Coordinators, ESISAC, ISAC Council
• Improve 2-way communication between industry and
  DHS

17
Recognizing Successes

• NERC ESISAC project with Homeland Security
  Information Network (HSIN)
• ES contribution to NIPP (energy annex)
• Canada-US interdependency exercise
• NERC Security Standards, Guidelines and Workshops
• Cyber intrusion detection system pilot
• Security clearances with some industry players
• Regional gas reliability studies
• ESISAC support during emergencies (eg. hurricanes)

18
DHS and Industry Roles

• Industry sees too many CIP contacts with
  government agencies
• Not all Sector Coordinators or ISACs reach across
  their entire sector
• NERC is Sector Coordinator and operates ESISAC
• CIPC reaches broadly across electric sector
• DHS to formally recognize NERC through provisions
  of Federal Advisory Committee Act

19
Opportunities for Improvement

• Threat assessment and info-sharing
• industry decision-makers with security clearances
• Early consultation to facilitate DHS initiatives
• Support DHS National Infrastructure Coordinating
  Centre (NICC)
• Situation-dependent
• Protection of Critical Infrastructure Information
  (PCII)
• Some time until appropriate protection is in
  place
• DHS establishing liaison in 68 Secret Service
  field offices