Your SlideShare is downloading. ×
0
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
NESCO Year 2 Overview
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

NESCO Year 2 Overview

208

Published on

Patrick Miller, NESCO's Principal Investigation, presented the current state of the NESCO program. This presentation covered the various outreach efforts we have planned this year and into 2013; the …

Patrick Miller, NESCO's Principal Investigation, presented the current state of the NESCO program. This presentation covered the various outreach efforts we have planned this year and into 2013; the goals of the NESCO program project management plan; the new NESCO website and the community-based wiki activities; and, the NESCO organizational membership opportunity.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
208
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. NESCO Update: Year Two WebinarNational Electric Sector Cybersecurity Organization September 7 2012
  • 2. Webinar Logistics  All participants are muted  Ask questions via GoToMeeting Q&A panel  Use Twitter hashtag #NESCO  Webinar is being recorded  Presentation and recorded webinar will be available at www.us-nesco.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 2
  • 3. NESCO Legislative Origin  R. 3183 “...the Secretary shall establish an independent national energy sector cyber security organization...” – Department Of Energy issued FOA on March 31, 2010  Purpose is to “establish a National Electric Sector Cyber Security Organization that has the knowledge, capabilities, and experience to protect the electric grid and enhance integration of smart grid technologies that are adequately protected against cyber attacks.”  “This organization will serve as a focal point to bring together domestic and international experts, developers, and users who will assess and test the security of novel technology, architectures, and applications.” The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 3
  • 4. NESCO Objectives Mission: Establish a broad-based, public-private partnership to advance electric sector cybersecurity as the security voice of the electric industry Objectives:  Organize, lead & implement public-private partnership  Focus cybersecurity R&D priorities  Identify and disseminate security best practices  Organize the collection, analysis and dissemination of infrastructure vulnerabilities and threats  Work cooperatively w/ DOE & other Federal Agencies  Enhance cybersecurity of the bulk power grid and electric infrastructure9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 4
  • 5. NESCO Platform IOU Non-Reg Muni Regulatory Co-op State, Fed, IPP Local Utility Govt Academic Vendor EPRI Product Natl Labs Service TCIPG The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 5
  • 6. Connect & Support Utility Asset Owners9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 6
  • 7. NESCO Distilled  NESCO Staff and Advisory Board  NESCOR partnerships  Outreach – Town Hall Meetings – Voice of the Industry (VOI) – Webinars  Tactical Analysis Center (TAC) – Community-sourced tactical cybersecurity – Daily Handlers Diary – Rapid Notification System – Subscriber Reports and Briefings  Resources – Best Practices – Organizations – Publications – Presentations The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 7
  • 8. NESCO Advisory Board  Heavily weighted toward utility asset owners – IOUs, Munis, Co-ops, IPPs  Representation from Trade Organizations – EEI, APPA, NRECA, UTC  Representation from Federal agencies – DOE, DHS (invited), DOD (invited)  Representation from research and forums – EPRI, NATF, NAGF (invited)  Representation from sector Vendor community The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 8
  • 9. Community Growth The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 9
  • 10. Community Overview  NESCO Members of Sept 30 2011 (1 year) – 788 NESCO members – 278 unique organizations  NESCO Members as of Sept 7 2012: – 1083 individuals – 381 unique organizations Note: This represents a nearly 50% annual growth rate The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 10
  • 11. Community Demographics 1,083 Individual members 381 unique organizations Predominately Asset Owner Driven Membership Base The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 11
  • 12. NESCO Membership Stats  Individual Members  Organizational – Academic: 25 Members – Asset Owner: 666 – Academic: 18 – Govt/Regulatory: 122 – Asset Owner: 180 – Vendor/Other: 270 – Govt/Regulatory: 43 – Total : 1083 – Vendor/Other: 140 – Total : 381 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 12
  • 13. NESCO Social Media Stats  NESCO mailing list: 4040  NESCO Twitter followers: 5579  NESCO LinkedIn group members: 547 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 13
  • 14. NESCO Outreach Stats  3 Town Hall meetings  19 Voice of the Industry (VOI) meetings  101 TAC notices – 171 follow up threads  79 presentations/panels  97 event participation  41 blog mentions  46 interviews and article citations The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 14
  • 15. NESCO Town Hall Meetings  Town Hall format – Single cybersecurity topic of interest to the electric sector – Openly discuss problems and solutions with all relevant parties  Refining Town Hall program – Half day events – Higher frequency (4-6), regional venues  Next Town Hall is… – Topic: Cybersecurity Legislation – Building a Bridge Between the Possible & the Practical – Keynote from Hon. Pat Hoffman, Asst Sec of Energy, US DOE – Between EnergySec Summit and CISO Forum – September 27, 2012 in Portland, OR – http://bit.ly/NESCOTownHallPDX2012 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 15
  • 16. NESCO Voice of the Industry  Attached to existing cybersecurity events  High frequency, geographic distribution  Open participation  Unscripted, no agenda  NESCO staff is there to listen  Aggregate and anonymize discussion topics  Use the data to advocate for industry causes and to inform interested parties  VOI calendar can be found at www.us- nesco.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 16
  • 17. NESCO Webinars  Topics of interest to electric sector cybersecurity professionals  May partner with solution providers  1-2 per month  Calendar can be found at www.us- nesco.org  Let us know if you have suggestions! The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 17
  • 18. NESCO Tactical Analysis Center  Supports ES-ISAC and ICS-CERT  Open & private source intelligence  Asset owner volunteer handler SMEs with virtual analysis tools  Rapid, community-sourced analysis  Secure communications  Rapid Notification System  Daily diaries, briefings  Quarterly & annual reports9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 18
  • 19. ES-ISAC, ICS-CERT and TAC  An analogy… first responder, emergency and long term care  Basic TAC differentiators – Operated by an independent non-profit org – Not associated with a federal regulatory agency • DOE partner is non-regulatory • Funding expires in 2014, only “seed” money provided • Funding model involves cost-share, so industry bears cost throughout entire effort – Electric sector specific – Provides feeds to NERC & DHS if authorized by utility The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 19
  • 20. ES-ISAC, ICS-CERT and TAC  Additional TAC differentiators – Covers all electric utilities; smart grid, distribution, QF – NESCO staff work alongside industry handlers – RNS has direct access to security staff – Volunteer reporting structure, not mandatory – Private position offers unique vendor relationships – Anonymized pass through for bi-directional sharing – Learn more at http://grids.ec/TACWebinar The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 20
  • 21. NESCO Community Technology  Confluence collaboration suite – wiki, social media, blog, distribution lists, document management, etc…  Strong focus on building electric industry communities – Can be public or private/restricted  Can provide “instant” forums, distribution lists, etc for electric industry cybersecurity groups The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 21
  • 22. NEW! NESCO Website http://www.us-nesco.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 22
  • 23. NESCO Roadmap  Membership program  Additional TAC services – Patch management notification – Higher service levels  Best practices repository The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 23
  • 24. NESCO Summary  Building trust through relationships to foster collaboration in electric sector  Flexible technology facilitates rapid tactical analysis and catalyzes best practices for future strategic efforts  Supports and promotes existing successful cybersecurity programs  Security voice of the electric sector9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 24
  • 25. NESCO Needs You  Volunteer programs – Tactical Analysis Center – Best Practices Repository – Community-driven efforts (Working Groups, task force, whitepapers, etc)  Financial support – NESCO must be sustained by industry – TAC subscriptions – Organizational or individual membership – Donations/sponsorships The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 25
  • 26. Questions? Patrick C Miller Principal Investigator, National Electric Sector Cybersecurity Organization President & CEO, EnergySec patrick.miller@energysec.org 503.446.1212 (desk) Powered by @patrickcmiller (twitter) www.energysec.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec9/7/2012 with funding assistance from the U.S. Department of Energy 26

×