Service detail
Our expert security consultants review every element of your NERC-CIP compliance, including: policies, procedures, configuration management, certification and accreditation, remediation plans, and security awareness training.
Highlights
- Identifies gaps in your agency's security program and NERC-CIP reporting
- Provides detailed recommendations for remediating or maintaining compliance
- Dedicated resources allow your agency team members to focus on business issues rather than security matters
- Designed to improve compliance and security by implementing appropriate solutions
- Security expertise from IBM Security Services' elite team of experienced security professionals
- Industry-leading security intelligence, support and guidance from our X-Force security research and development team
IBM Security Services helps clients adhere to the comprehensive reliability standards that the North American Electric Reliability Corporation (NERC) has defined for planning and operating the collective bulk power system. Among these are the Critical Infrastructure Protection (CIP) Cyber Security Standards, which are intended to ensure the protection of the Critical Cyber Assets that control or affect the reliability of North America's bulk electric systems.
| Standard | Summary | IBM Security Solutions |
|---|---|---|
| CIP-002-1 Critical Cyber Asset Identification | All network assets must be audited to identify Critical Cyber Assets. A risk-based assessment methodology should be utilized with annual reviews. | |
| CIP-003-1 Security Management Controls | Policies with adherence monitoring and change control must be documented and in place. Change control policies and processes must be adhered to. Definitions and documentation on access control levels for critical assets such as Internet facing systems and critical backend solutions. Solutions should be in place to mitigate risks. | |
| CIP-004-1 Personnel and Training | Employees should be trained on policies, access controls and general awareness issues around Social Engineering. Background checks should be performed on all users with access to computer assets. | |
| CIP-005-1 Electronic Security Protection | An Electronic Security Perimeter should be established that provides the following: | |
| CIP-006-1 Physical Security Program | Physical Security controls should be documented and implemented that provide perimeter monitoring and logging along with robust access controls. All cyber assets used for Physical Security are considered Critical and should be treated as such. | |
| CIP-007-1 Systems Security Management | All methods, processes and procedures for securing Critical Assets and all technology solutions should be well-defined and include automated controls. System and network events should be monitored automatically with alerts sent to key personnel. An annual vulnerability assessment should be performed. | |
| CIP-008-1 Incident Response and Reporting | All cyber security incidents should be addressed by an internal computer incident response team (CIRT) and reported to the Electricity Sector Information Sharing and Analysis Center (ES ISAC). | |
| CIP-009-1 Disaster Recovery | A disaster recovery plan should be created and tested with annual drills. | |
