NESCO/NESCOR Joint Overview

  • 239 views
Uploaded on

 

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
239
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. National Electric Sector Cybersecurity Organization & Resource (NESCO/NESCOR) Joint OverviewPatrick C Miller, President and CEO, EnergySecErfan Ibrahim, PhD, Technical Executive, EPRI March 23 2011
  • 2. NESCO/NESCOR Partnership • EnergySec = National Electric Sector Cybersecurity Organization (NESCO) • EPRI = National Electric Sector Cybersecurity Organization Resource (NESCOR) The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 1
  • 3. Complementary Programs NESCO (EnergySec) NESCOR (EPRI)Primary grant recipient; “EnergySec R&D Partner; “EPRI led team will providewill form the organization to be a research and analysis resource forknown as NESCO” NESCO to mitigate risks from imminent threats and vulnerabilities”Emphasis on information and EPRI led team will harmonizeresource sharing, collaboration, cybersecurity requirements from NISTsituational/tactical awareness, rapid CSWG, DHS ICS JWG, NERC andnotification, forensics and applied OpenSG Utilisec and assessresearch cybersecurity posture of standards and technologies (including lab testing)Asset owner participation is primary EPRI led team includes 17 partners fromvehicle, supplemented by SME research labs, academia and other SMEscontractors Both organizations focus on near and long term issues The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 2
  • 4. NESCO/NESCOR Projects 1 2Industry Research Request NESCO Project Summary NESCO Asset Project R Threat and Owners Validation, Input Vulnerability Assessment and 4 & Tracking 3Government Mitigation Group Project Project Approval Project Estimate Cyber Security NERC 5 Management 6 Tech. Testing & Validation Group Trade Orgs Project Cyber Security Standardization Requirements and 8 and Delivery 7 Standards Vendors Project Delivery Project Delivery Assessment Group Other Other research industry paths projects The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 3
  • 5. NESCO OVERVIEW
  • 6. EnergySec History• 7/2004: EnergySec founded as E-Sec NW• 1/2008: SANS Information Sharing Award• 12/2008: Incorporated as EnergySec• 10/2009: 501(c)(3) nonprofit determination• 4/2010: EnergySec applied for National Electric Sector Cybersecurity Organization (NESCO) FOA• 7/2010: NESCO grant award from DOE• 10/2010: NESCO became operational The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 5
  • 7. EnergySec Membership Stats 547 members from 161 organizations US Nameplate Generation US Residential Distribution 74% 60% The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 6
  • 8. NESCO Background• Mission: Lead a broad-based, public-private partnership to improve electric sector energy systems cyber security• Goals: – Identify and disseminate common, effective cyber security practices – Analyze, monitor and relay infrastructure threat information – Focus cybersecurity research and development priorities – Work with federal agencies to improve electric sector cyber security – Encourage key electric sector supplier and vendor support / interaction The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 7
  • 9. Public-Private Perceptions• Government moves too slowly, over- classifies and narrowly distributes• Industry can’t protect the shared information and doesn’t respond appropriately• Lack of parity in degree and quality of information shared in both directions The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 8
  • 10. How Does This Work? • Sharing requires trust • Trust is built on relationships • NESCO fosters trustworthy relationships – Bringing people together – Flexible technology options to extend and enhance relationships – Organic growth; birds of a feather The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 9
  • 11. Support, Not Duplicate The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 10
  • 12. Collaboration Initiatives• What works, what doesn’t• Benchmarking• Situational (tactical) security awareness• Threat and vulnerability analysis• Shared/crowd-sourced resources (repository)• Mentoring The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 11
  • 13. NESCO Outreach• Annual Summit – October, San Diego• Town Hall Meetings – April 27, Austin• Voice Of The Industry Meetings• Interest Groups: – Open Source, Intrusion Detection, Forensics, Security Architecture, Workforce Development, Threat Assessment• Webinars, Briefings• Social mediaThe National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 12
  • 14. Technology Portfolio• Email distribution lists• Secure portal with forums• Secure instant messaging• Rapid notification mechanisms• Web collaboration• Resource repository• Most technologies have non- attribution (anonymous) options The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 13
  • 15. Resource Repository• Code snippets• IDS/attack signatures• Audit templates• Reference architectures• System configurations• Policy, process, procedure templates• Compliance practices• And more… The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 14
  • 16. NESCOR OVERVIEW
  • 17. NESCOR BackgroundDOE issued a Funding Opportunity Notice (FOA DE 0000245) inApril 2010 to establish the National Electric Sector Cyber SecurityOrganization (NESCO) as a public private partnership to: – Evaluate cyber security posture for legacy systems – Evaluate deployability of emerging cyber security technologies – Collaborate and coordinate to identify cyber security requirements – Perform use case analysis for risk identification, assessment, and development of risk mitigation strategies – Develop cyber security best practices and metrics – Establish and operate a Cyber Incident Data Center (CIDC)An EPRI Led Team with Support from PDU Executive Committee MembersResponded to DOE FOA The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 16
  • 18. NESCOR TeamNational/Commer Focus Areas cial Research Other Subject •Review NIST, DHS, NERC Labs Academia Matter Experts and other cyber security• Oak Ridge • University of • N-Dimension requirements and results National Lab Houston • Inguardians •Assess existing power• Sandia National • UCLA • Arc Technical system and cyber security Lab • UC Berkeley • EnerNex standards to meet the security requirements of• Idaho National • University of • Xanthus the power system Lab Minnesota Consulting• National Smart Grid International •Identify vulnerabilities, Renewable Consortium • TLI Inc (Texas develop risk mitigation strategies, best practices Energy Lab A&M and metrics in collaboration• Palo Alto University) with NESCO Research •Test security technologies Center in labs and pilot projects• SRI• Telcordia The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 17
  • 19. NESCOR Vision• Strategic focus: Provide a focal point for bringing together utilities, federal agencies, regulators, and researchers to address the electric sector security threats• Program objectives: –Develop risk mitigation strategies, best practices and metrics –Test security technologies in labs and pilot projects –Harmonize security requirements across bodies of work from DHS, NIST, NERC, etc. –Assess existing power system and cyber security standards to meet the security requirements of the power system The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 18
  • 20. NESCOR Program StructureEPRI will createand lead three Threat andworking groups: Vulnerability Assessment and Mitigation Group Cyber Security Requirements and Cyber Security Standards Technology Testing & Assessment Group Validation Group The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 19
  • 21. NESCOR Program Structure Working groupspopulated by National Each WG collaboratesLabs, Universities, and with IOUs, Muni’s, Co- Threat and Ops, and ISOsSubject Matter Experts Vulnerability Assessment and Mitigation Group Cyber Security Requirements and Cyber Security Standards Technology Testing & Assessment Group Validation Group Program advised by Industry Advisory Board composed of industry groups, federal agencies, and regulators The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 20
  • 22. Technology Readiness LevelInteroperability testingDeveloping vulnerability mitigations Testing emerging security technologies The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 21
  • 23. NESCOR Program StructureNESCOR seeds • Solutions toprojects for the current Threat and vulnerabilities EPRI Cyber Vulnerability Security Assessment and Program Mitigation Group Cyber Security Requirements and Cyber Security Standards Technology Testing & Assessment Group Validation Group• Developing • Transferring solutions for technology to security gaps industry The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 22
  • 24. NESCOR Outreach• Need representation from cyber security subject matter experts at IOUs, Municipals and Coops on the three technical working groups conference calls and technical deliberations – 90 minutes every other week on conference calls for each task group starting Mid April 2011 – Background technical work to collect info and apply project results (5 – 10 hours per month)• Populate the NESCOR Advisory Board with senior executives from various industry stakeholder groups for project direction setting• Get the word out for increased collaboration• Project Duration: October 2010 – September 2013 The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 23
  • 25. Questions?Non-profit. Independent. Trusted. Patrick C Miller Erfan Ibrahim, PhD President and CEO Technical Executive, NESCOR Lead patrick@energysec.org eibrahim@epri.com 503-446-1212 925-785-5967 The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program 24