Balance Regulatory Compliance With OT Cybersecurity
Dragos currently tracks 16 activity groups targeting the electric sector, and adversary attacks on electric utilities continue to evolve. So, too, will regulation-based cybersecurity requirements such as the NERC CIP standards.
Maintaining Regulatory Compliance in the Electricity Industry
The urgent need to address increasing cyber threats to operations environments in the electricity industry is the driving force behind the US Department of Energy’s plan to enhance the cybersecurity of electric utility Industrial Control Systems. At the same time, the requirements of the North America Electric Reliability Council’s (NERC) Critical Infrastructure Protection (CIP) standards must be closely adhered to as they continue to evolve to account for new technological advances like virtualization and cloud-enabled services.
Over time, events occur that provide new insights into emerging operational risks, and organizations look to innovative technologies to help manage the risks to their businesses. This dynamic landscape creates challenges for electric utilities, regulators, and solutions providers, all of whom are working hard to adhere to internally developed standards while simultaneously looking ahead to a time when the standards may need to mature.
Electric utility asset owners facing these challenges cannot undertake the journey alone. Instead, they need to pursue partners and solutions that support their operational needs and business objectives.
A cohesive approach to support security, and compliance, in your OT environment
In working with hundreds of electric sector organizations, Dragos has developed a tried and tested approach to helping our customers defend against, or respond to, cyber incidents in their operations environments. We have a focus and subject matter expertise in electric sector operations, ICS environments, and NERC CIP to support your compliance efforts when implementing detection and monitoring solutions across CIP facilities.
Properly identifying ideal network monitoring locations is a daunting task, so to begin with, we recommend having our Services team conduct a Crown Jewel Analysis as part of an Architecture Review. The result of this assessment will identify the prime locations to monitor your SCADA networks and their associated assets in your High, Medium, and Low Impact environments. The Architecture Review will also ensure that these environments are adequately segmented from your IT network and the internet if part of an Electronic Security Perimeter (ESP).
A Tabletop Exercise, facilitated by our industrial consultants, will bring your IT and operations teams together to run through a simulated Reportable Cyber Security Incident against your OT environment. In these exercises, our team leverages intelligence on ICS-targeting activity groups to create a realistic scenario based on real adversary tradecraft. NERC CIP requires that these simulations be conducted once every 15 months, and with an Incident Response Retainer, they can be proactively scheduled.
Recently, the Electricity Subsector Coordinating Council (ESCC), the principal liaison between the federal government and the electric power industry, recommended the Dragos Platform to their investor-owned community as the most suitable cybersecurity monitoring and detection technology that would satisfy the requirements of the US Government’s 100-day plan. If you are interested in learning more about NERC CIP best practices for deployment of the Dragos Platform, a straightforward implementation and compliance guide, developed by the Electric Reliability Organization (ERO) Enterprise, can be found here.
We’re ready to assist you regardless of where you are in your cybersecurity or NERC CIP journey. Please contact us to speak with one of our experts today.
View the ERO Enterprise CMEP Practice Guide