NERC CIP Compliance
The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards are a set of requirements designed to protect critical infrastructure vital to the reliable operation of North America’s Bulk Electric System (BES) from cyber and physical security threats.


Platform: The Dragos Platform employs passive monitoring techniques to observe and identify devices connected to the network.
Services: Architecture Reviews assist in understanding the most critical systems, essential network infrastructure, and the potential consequences of a cyberattack.
Services: Cybersecurity Program Maturity Reviews, such as Cybersecurity Capability Maturity Model (C2M2), evaluate an organization’s current cybersecurity posture, capabilities, and practices.
Community Resources: To satisfy requirements that individuals with access to critical assets are properly trained, Dragos supports NERC CIP customers with the following resources, focused on OT cybersecurity, for their personnel:
- Dragos Academy
- OT-CERT
- Dragos Worldview
Platform:
- Dragos Sensors can be strategically placed in the environment to accommodate monitoring within the ESP and outside the ESP.
- The Dragos Platform can help entities identify external communications that may not be routed through an Electronic Asset Point (EAP).
- The Dragos Platform identifies remote access session activities and visually depicts which connections are present over time.
Platform:
- The Dragos Platform can be deployed for detecting malicious code, utilizing sensors in environments where traditional antivirus software cannot be installed.
- The Platform logs events and generates alerts for applicable cyber assets by detecting malicious code, successful login attempts, failed access attempts, and failed login attempts.
- The Platform can help identify logical ports, and their associated service names, that have either initiated or received communications on Cyber Assets.
Platform: Overall, the Dragos Platform enhances incident reporting and response planning by providing robust detection capabilities, centralized management, automated response workflows, forensic analysis tools, collaboration features, and support for continuous improvement.
Services:
- Rapid Response Retainers
- Tabletop Exercises
- Incident Response Plan Development Workshop
- Dragos OT Watch
Services:
- Rapid Response Retainers
- Tabletop Exercises
- Incident Response Plan Development Workshop
Platform:
- The Dragos Platform enables organizations to develop baseline configurations for OT devices based on CIDR, zone, asset type, and more.
- The Dragos Platform conducts passive vulnerability assessments on identified assets.
- The Dragos Platform features a specialized NERC CIP dashboard designed to support customers.
Services: Network Vulnerability Assessments assess the current landscape’s risk and evaluate the effectiveness of existing technical security controls, proposing enhancements for the future.
Platform: The Dragos Platform can quickly identify unencrypted communication protocols in use if the responsible entity is utilizing encryption between control centers.
Platform:
- The Dragos Platform enables organizations to develop baseline configurations of their network traffic inside trusted zones.
- The Baseline feature detects deviations in assets, including non-baselined communications and protocols.
- The Dragos Platform employs passive monitoring techniques to detect and evaluate anomalous network activity.
- The Dragos Platform conducts passive monitoring on identified assets.
- The Dragos Platform detects and alerts on threat behaviors, which are known adversary tradecraft and TTPs relevant to the OT environment.
Services: Dragos can conduct a Sensor Placement Study to analyze and provide recommendations for proper Dragos Sensor placement.