210 likes | 344 Views
ERCOT/TRE Representation to NERC CIPC for TRE Members’ Representative Committee Jim Brenton CISSP, ISSAP, Vice Chair NERC CIP Committee David Grubbs, PE, NERC CIPC Executive Committee. June 27, 2012. Critical Infrastructure Protection Committee (CIPC). CIPC Mission
E N D
ERCOT/TRE Representation to NERC CIPCforTRE Members’ Representative CommitteeJim Brenton CISSP, ISSAP, Vice Chair NERC CIP CommitteeDavid Grubbs, PE, NERC CIPC Executive Committee June 27, 2012
Critical Infrastructure Protection Committee (CIPC) CIPC Mission Advance the physical and cyber security of the critical electricity infrastructure of North America. CIPC Vision Foster information sharing, provide industry leadership and a forum for exchanging ideas and promote dialogue on key issues critical Infrastructure protection of the Bulk Electric System. CIPC Guiding Principles Continue to strive for excellence in: • Maintain relationship with and promote information sharing with other committees • Maintain high level of expertise • Align priorities with ERO and across the other standing committees • Ensure CIPC resources are efficiently used
NERC CEO’s Top Priority Issues for BES Reliability Top Priority NERC CEO-Directed Task Forces Spare Equipment Database Task Force (PC/OC) Geomagnetic Disturbance Task Force (PC/OC/CIPC) Severe Impact Resilience Task Force (OC/PC/CIPC) Cyber Attack Task Force (CIPC) CIPC Committee Cyber Attack Task Force Non-traditional threats via cyber security vulnerabilities formed with standing committee’s cyber expertise CIPC Support to Operating and Planning Committees Geomagnetic Disturbance Task Force ― Assist Operating and Planning Committees (lead committees) by soliciting participants from CIPC Severe Impact Resilience Task Force ― Solicit and encourage CIPC member participation on OC task force
NERC CIPC Areas of Strategic Focus • Advisory Panel Serve as an expert advisory panel to the NERC Board of Trustees, Electric Sub-sector Coordinating Council (ESCC) and Standing Committees in the areas of physical and cyber security. Serve as an expert advisory panel to the Electricity Sector Information Sharing and Analysis Center (ES-ISAC). • NERC Alerts CIPC will utilize the expertise of its members and NERC staff, as well as the CIPC Executive Committee to support the timely review, coordination and dissemination of industry alerts and informational responses. • Guidelines and Technical ReportsCIPC will develop and maintain guidelines and technical reports on CIP matters and provide technical support to standard drafting teams (SDTs). • Standards and Compliance Input CIPC will support the NERC Compliance initiatives by providing timely topical expertise on matters related to cyber and physical security. CIPC will also develop and submit Standard Authorization Requests (SARs) on CIP matters as needed.
NERC CIPC Areas of Strategic Focus -- 2 • BES Security MetricsCIPC will utilize the expertise of its members, NERC staff and others to provide direction, technical oversight, feedback on the collection of industry metrics, and reporting of Bulk Electric System security performance metrics. • Electric Sector Security ClearancesCoordinate with the Department of Homeland Security to determine and recommend appropriate U.S. Government security clearances to be available to members of the CIPC and other industry subject matter experts. • Support to Energy Sector Control Systems Working Group (ESCS WG) “Roadmap to Achieve Energy Delivery Systems Cyber Security”CIPC will encourage industry support of The Roadmap to Achieve Energy Delivery Systems Cyber Security prepared by the ESCS WG. • Public-Private Partnership for Information Sharing Support of the ESCC is Goal #1: “Enhance situational awareness within the electricity sub-sector and with government through robust, timely, reliable, and secure information exchange”. CIPC will collaborate with ESCC to identify information sharing protocols and enhance information sharing of actionable information between government and industry.
NERC CIPC Areas of Strategic Focus -- 3 • Emerging IssuesCIPC will utilize the expertise of members and NERC staff to identify emerging issues and take timely and appropriate action. • Focus on Balanced Approach in Bulk Electric System SecurityCIPC will emphasize a balanced cyber, physical and operational security approach on each task force or working group. • Analysis of Security Incidents Impacting the Bulk Electric SystemCIPC will coordinate with Operating and Planning Committees on developing a mechanism for identification and analysis of security incidents impacting Bulk Electric System
NERC CIPC Areas of Strategic Focus -- 4 • CIP Training and Educational OutreachCIPC will provide meeting attendees with an opportunity to participate in physical, cyber and operational security training and educational outreach opportunities. • Framework for Board of Trustees/ESCC/CIPC Relationship CIPC will work with and support the NERC Board of Trustees and ESCC as requested. 14. CIPC Member Involvements CIPC will utilize the expertise of the committee members by providing opportunities to participate in CIPC activities.
NERC CIPC – What it is not Does not address or comment on NERC Standards (all Standards Drafting Teams report to NERC Standards Committee) Does not develop SARs Does not make recommendations on Legislation (although generally receives a report on the status of legislation) Generally avoids most compliance and enforcement issues, but does write whitepapers on how to implement CIP standards NERC CIPC concentrates on BES Security and Reliability not Compliance
NERC CIP Committee Subgroups Existing CIPC Executive Committee 2012 2013 Physical Security Subcommittee Cyber Security Subcommittee Operating Security Subcommittee Policy Subcommittee Protecting Sensitive Information TF Control Systems Security WG Information Sharing TF BES Security Metrics WG Physical Security Guideline TF Cyber Attack TF HILF Implementation TF Personnel Security Clearance TF Physical Security Analysis WG Cyber Security Analysis WG NERC Grid Exercise WG Compliance & Enforcement Input WG Physical Security Training WG Cyber Security Training WG
NERC CIPC Physical Security Subcommittee Physical Security Subcommittee Protecting Sensitive Information TF Physical Security Guideline TF Physical Security Analysis WG Physical Security Training WG • Subcommittee Chair: David Grubbs, (Garland/TRE) • Existing • Protecting Sensitive Information TF • Chair: Nathan Mitchell, (APPA Staff) • Physical Security Guideline TF • Chair: John Breckinridge, (KCP&L/SPP) • New • Physical Security Analysis WG • Chair: Ross Johnson, (Capital Power/CEA) • Future • Physical Security Training WG
NERC CIPC Cyber Security Subcommittee Cyber Security Subcommittee Control System Security WG Cyber Attack TF Cyber Security Analysis WG Cyber Security Training WG • Subcommittee Chair: Marc Childs, (Great River Energy/MRO) • Existing • Control System Security WG • Chair: Mark Engels, (Dominion/RFC) • Cyber Attack TF • Chair: Mark Engels, (Dominion/RFC) • New • Cyber Events Analysis WG • Chair: Stephen Diebold, (KCP&L/SPP) • Cyber Security Training WG • Chair: William Whitney, (Garland/TRE)
NERC CIPC Operating Security Subcommittee Operating Security Subcommittee Information Sharing TF HILF Implementation TF GridSec Exercise WG • Subcommittee Chair: Carl Eng (Dominion/RFC) • New • Information Sharing TF • Chair: Steve Diebold, (KCP&L/SPP) • HILF Implementation TF • Chair: Bill Muston (Oncor/TRE) • Future • NERC GridSec Exercise WG
NERC CIPC Policy Subcommittee Policy Subcommittee BES Security Metrics WG Personnel Security Clearance TF Compliance & Enforcement Input WG • Subcommittee Chair: Nathan Mitchell (APPA Staff) • New • BES Security Metrics WG • Chair: Jamie Sample (PG&E/WECC) • Personnel Security Clearance TF • Chair: Jim Brenton (ERCOT/TRE) • Future • Compliance & Enforcement Input WG
Voting Members on NERC CIP Committee • David Grubbs / Operations & Physical, Garland – Director Regulatory Affairs & Compliance • Chairman of ERCOT CIP Working Group • Member of NERC CIPC for 4 years • Member of NERC CIPC Executive Committee – 2 years • Chairman of NERC CIPC Physical Security Subcommittee • Member of NERC SIRTF Executive Committee • Member of NERC Physical Protection Guidelines Committee • Member of NERC HILF Implementation Task Force • Participated in 2012 DoD Defense Industrial Base Study of DFW power restoration • Member ERCOT TAC, 1987-1996, 2010-present • Member ERCOT Board of Directors, 1994-2001 • Past Chair ERCOT Network Data Support WG • Past Chair ERCOT Power Interchange Effects WG • Past Chair ERCOT Operating Guides Revision TF • U.S. Gov //SECRET// Clearance
Voting Members on NERC CIP Committee • William Whitney / Cyber, Garland – Manager Operations Technical Services • Vice Chairman of ERCOT CIP Working Group • Newly selected NERC CIPC by ERCOT CIP WG in 2012 • Member of NERC CIPC Cyber Attack Task Force • Member of NERC CIPC Personal Security Clearance Task Force • Member of DHS/US-CERT ICSJWG Workforce Development Subgroup • Chair of NERC CIPC Cyber Security Training Working Group • U.S. Gov //SECRET// Clearance
Voting Members on NERC CIP Committee—continued • Jim Brenton / Cyber, ERCOT – Principal & Regional Security Coordinator • ERCOT Representative to NERC CIPC – 6+ years • NERC CIPC Vice Chairman – One year • Member of NERC CIPC Executive Committee – 3+ years • Chairman of NERC CIPC Personal Security Clearance Task Force • Member of NERC CIPC Bulk Electric System Security Metrics Working Group • Chairman, TX Private Sector Advisory Council for CI/KR Protection to the Governor • Co-founder & ERCOT Staff Facilitator ERCOT CIP Working Group – 6 years • Member of ISO/RTO Council Security Working Group – 6+ years • Member of DoE Advisory Council for Electricity Sector Cybersecurity Capability Maturity Model (ESC2M2) Pilot Initiative requested by the White House Cyber Security Advisor to the President and the National Security Council – May 2012 • Participated in 2012 DoD Defense Industrial Base Study of DFW power restoration • Member of the Government/Industry Task Force that prepared classified report on Remote Network Security Vulnerabilities for NERC in Feb 2010 • Member of DoE Energy Sector Control Systems Working Group that prepared the 2011 DoE “Roadmap for Energy Delivery Systems Cybersecurity” • Member of NERC/NIST/DoE/Industry team that prepared the DoE “Cybersecurity Risk Management Process Guideline” for the Electricity Subsector in 2011 • Member of NERC CIP Standards Drafting Team (2008-2011) • U.S. Government //SECRET// Clearance
ERCOT Alternates for NERC CIP Committee Alternates Listed on NERC Roster: • Ann Delenela / Cyber, ERCOT Director of Security • Alternate for 6+ years • U.S. Gov //SECRET// Clearance • Christine Hasha / Cyber, ERCOT Senior Compliance Analyst • Alternate for 2+ years • Member of NERC CIP Standards Drafting Team • Martin Narendorf / Physical, CenterPoint Director, Substation Operations • Alternate for 3+ years • Bill Muston / Cyber, Oncor Manager, Research & Development • Alternate for 6+ years • Co-founder and member of ERCOT CIPWG – 6 years • U.S. Gov //SECRET// Clearance • Elias A. Villanueva / Operations, ERCOT Supervising Engineer, System Operations • Alternate for 6+ years • Scott Rosenberger / Cyber, EFH Director, Security & Compliance • Former NERC CIPC Voting Member 2 years and Alternate for 3+ years • Former Vice Chairman ERCOT CIP WG – 2 years • Member of NERC CIP Standards Drafting Team – 5 years • U.S. Gov //SECRET// Clearance
Proposed Criteria for Consideration for NERC CIPC Representatives from TRE/ERCOT • Active in ERCOT CIP Working Group Meetings and Activities • Active in NERC CIPC Working Groups, Task Forces or NERC CIP Standards Drafting Teams • Recognized expertise and/or certification in at least one of the following security areas: • Cyber Security; Physical Security; Control System/SCADA Security; Operational Security; and, Security Policy, Regulations and Standards • Company commitment for time and travel expense of participating in 8-10 out of town NERC CIPC/TF/WG meetings, two classified briefings per year, in addition to 10-12 ERCOT CIP WG meetings in Austin • US Government //SECRET// or higher Security Clearance sponsored by the DHS, DoE, DoD, DoJ/FBI, or other Federal Department or Agency for access to Classified National Security Information related to the protection of Critical Infrastructure.