Title: ELECTRICITY SECTOR CRITICAL INFRASTRUCTURE PROTECTION and ESISAC
1ELECTRICITY SECTORCRITICAL INFRASTRUCTURE
PROTECTIONandESISAC
- Presentation to
- Waterpower XIII Conference
- 31 July 2003
2Topics
- Electricity Sector
- NERC
- CIPAG
- ESISAC
- Communications
- Other Projects
3The Electricity Sector
6 x10? C1
aGen bTrans cLSE dPSE eRC fCA gGov
3I
Interconnectedness, Interdependencies,
Reliability, Security Guidelines, Standards
Orgs NERC, ESISAC, Other ISACs, APPA, CEA,
EEI, ELCON, EPRI, EPSA, NEI, NAESB, NRECA
Agencies DOE, CIAO, DHS, DOD, FERC, NARUC
NRC, OCIPEP, RUS, USSS
4Definitions and Description
- APPA American Public Power Association
- CEA Canadian Electricity Association
- CIAO Critical Infrastructure Assurance Office
- DOD Department of Defense
- DOE Department of Energy
- DHS Department of Homeland Security
- EEI Edison Electric Institute
- ELCON Electricity Consumers Resource Council
- EPRI Electric Power Research Institute
- EPSA Electric Power Supply Association
- ES Electricity Sector
- FERC Federal Energy Regulatory Commission
- IAIP Info Analysis, Infrastructure Protection
- ISAC Information Sharing and Analysis Center
- NAESB No. Amer. Energy Standards Board
- NARUC Natl Assoc Reg Utility Commissioners
- NEI Nuclear Energy Institute
- NERC North American Electric Reliability Cncl
- NIPC Natl Infrastructure Protection Center
- The equation
- Summed over millions of Customers
- Entity types that comprise the ES
- Divided by three Interconnections
- Eastern
- Western
- Texas
- Generation, Transmission, Load Serving Entities,
Purchasing-Selling Entities, Reliability
Coordinators, Control Areas, Regional
Transmission Organizations, Independent System
Operators, Regulators (Canada/US
Federal/State/Provincial/Local)
5(No Transcript)
6CRITICAL INFRASTRUCTURE PROTECTION ADVISORY GROUP
Board of Trustees
NERC Stndg Cmtes MC, OC, PC
US CAN Gov
APPA
CIPAG Physical Security Cyber Security Operations
Policy Development Needs Peer Review
CEA
EEI
ESISAC Analysis Communications
NRECA
CIP Task Forces Processes and Practices Developmen
t
Professional Review Recommendations Practices
08 Jun 2003
7ESISAC Communications
RA
BA
IA
TSP
TOw
TOp
DP
GEN
LSE
PA
PSE
ESISAC
DHS-IAIP
Law Enforce
Other ISACs
RA
BA
IA
TSP
TOw
TOp
DP
GEN
LSE
PA
PSE
Other Federal, State, Provincial Agencies
8ESISAC Mission
- Receive electricity sector security data
- Analyze security data
- With DHS, other agencies, other ISACs
- Disseminate threat indications, .analyses,
warnings with interpretations
9http//www.esisac.com
10- REPORT INCIDENTS TO
- LOCAL LAW ENFORCEMENT
- Establish and maintain relationship
- LOCAL FBI
- Establish and maintain relationship
- DHS-IAIP IAW Program
- InfraGard CIPIS nipc.watch_at_fbi.gov
- 202-323-3204,5,6
- 888-585-9078
- ESISAC
- CIPIS https//www.nerc.net/registration/
esisac_at_nerc.com - 609-452-8060 day
- 609-452-1422 anytime
11Communication Types
- Incident data for analysis
- From Electricity Sector (ES) entities
- To DHS-IAIP, ESISAC, ES entities as determined by
inputting entity - Threat Alerts, Advisories, Warnings, other
information - From DHS-IAIP and ESISAC
- To ES entities
- Sector, Area, Type facility, Specific facility
12Communications Mechanisms
- Critical Infrastructure Protection Information
System (CIPIS) - Email listservers
- Lists with pager and text cell phones included
- Hotline Reliability Coordinators on shift
- Conference calls
- Specific entity by telephone
- Voice message system (under development)
- Out of band communication (future)
13CIPIS / RCIS
14(No Transcript)
15(No Transcript)
16(No Transcript)
17IAW Program Reporting Events
- Loss of Generation
- Loss HV Transmission
- Loss of Distribution (NS/EP)
- Loss of Distribution (EPS)
- Loss of Load Center
- Loss of Telecom for System operator
- Loss of Control
- Loss of or Degraded Market Functionality
- Anomalous Non-character System Behavior
- Announced Credible Threats
- Intelligence Gathering Physical Surveillance
- Intelligence Gathering and Operations Cyber
Surveillance - Intelligence Gathering Social Engineering
- Security Breaches Affecting IT
- Planting/Pre-Positioning Malicious Code
18Threat Alert Levels
19Security Guidelines
- Overview
- Communications
- Emergency Plans
- Employment Background Screen
- Physical Security
- Threat Response
- Physical
- Cyber
- Vulnerability/Risk Assessment
- Continuity of Business Process
- Cyber Access Control
- Cyber IT Firewalls
- Cyber Intrusion Detection
- Cyber Risk Management
- Protecting Sensitive Info
- Securing Remote Access Process Control Systems
- Incident Reporting
- Cyber Security STANDARD
20Other ES Initiatives
- Public Key Infrastructure
- Process Control Systems
- Spare Equipment Project
- Critical Infrastructure Interdependencies
- CIP Workshops
21CIP Workshops Agendas
- Security Guidelines (14)
- Cyber Security Standard
- Vulnerability Assessment Methodologies
- Communications
22Meeting The Security Challenge Workshops
TY