EnergySec, profile picture
Uploaded byEnergySec
PPTX, PDF1,077 views

Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management

The document details a panel discussion on the challenges and lessons learned regarding NERC CIP v5 compliance and configuration change management. Key pain points include asset identification, change approval processes, and compliance management, along with the need for thorough documentation and security controls. The discussion emphasizes transitioning from manual processes to automated systems for improved compliance and cybersecurity.

Technology
Related topics:
Regulatory Compliance

Embed presentation

Downloaded 15 times
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management Mark Prince, Entergy Tim Erlin, Tripwire Karl Perman, EnergySec
Logistics • Panelist discussion followed by questions and answers • All lines other than panelists will be muted • Questions via chat function • Audio and slides will be posted within 72 hours
It’s Interactive 3 Please submit your questions through the control panel to get answers LIVE from our panelists.
Introductions Mark Prince Manager OT Fossil Tim Erlin Director, IT Security and Risk Strategist @terlin Karl Perman VP, Member Services @EnergySec
NERC CIP V5 Pain Points • Asset Identification and Categorization • Change Approval Process • Configuration Management • Compliance Management • Baseline Configuration • Patching • Malware Prevention and Detection • Access Management • Information Protection • Evidence of Compliance • Many manual processes
General Change Management Process • Develop baseline configurations • Authorize and document changes to baselines • Update baselines within 30 days • Verify security controls • Pre-change Testing – High Impact BCS • Configuration Monitoring – High Impact BCS, EACMS, and PCA © 2015 Energy Sector Security Consortium, Inc. 6
Configuration Change Management Pain Points • Number and variety of devices • Every time, every change – No exceptional circumstances exemption • Identify security controls affected by the change – CIP-005 and CIP-007 • High Impact needs to have “Double Test” – Once before change, once after change • Automated system vs. manual process © 2015 Energy Sector Security Consortium, Inc. 7
Evidence • What needs to be maintained • Maintain Documentation • Storage • Automated work flows or manual processes © 2015 Energy Sector Security Consortium, Inc. 8
Beyond Compliance to Cybersecurity
Q & A Mark Prince Manager OT Fossil Tim Erlin Director, IT Security and Risk Strategist @terlin Karl Perman VP, Member Services @EnergySec

More Related Content

PPTX
Amped for FedRAMP
byRay Potter
 
PPT
Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...
byTheAnfieldGroup
 
PPTX
Explore the Implicit Requirements of the NERC CIP RSAWs
byEnergySec
 
PPT
Cyber Security in Energy & Utilities Industry
byProlifics
 
PPTX
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
byEnergySec
 
PDF
Rapid7 NERC-CIP Compliance Guide
byRapid7
 
PPT
NERC CIP Compliance 101 Workshop - Smart Grid Security East 2011
bydma1965
 
PDF
Chef: Compliance @ Velocity
byChef
 
Amped for FedRAMP
byRay Potter
 
Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...
byTheAnfieldGroup
 
Explore the Implicit Requirements of the NERC CIP RSAWs
byEnergySec
 
Cyber Security in Energy & Utilities Industry
byProlifics
 
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
byEnergySec
 
Rapid7 NERC-CIP Compliance Guide
byRapid7
 
NERC CIP Compliance 101 Workshop - Smart Grid Security East 2011
bydma1965
 
Chef: Compliance @ Velocity
byChef
 

What's hot

PPTX
DevSecOps: Security and Compliance at the Speed of Continuous Delivery
byDag Rowe
 
PPT
Audit of it infrastructure
bypramod_kmr73
 
PDF
Efficient Document Control is Essential to Positive Audit Outcomes
byVeeva Systems
 
PDF
HIS 2015: Ivan Ellis - VISIUMCORE A High Integrity Processor for Safety Criti...
byAdaCore
 
PDF
The CSA STAR Program: Certification & Attestation
bySchellman & Company
 
PDF
ESS Software and Firmware
byPeter Ewers MIET FInstSMM
 
PDF
Firewall Rule Recertification - An Application-Centric Approach
byAlgoSec
 
PDF
What is a Firewall Risk Assessment?
byVISTA InfoSec
 
PPT
Cybersecurity Vendor Considerations
byEnergySec
 
PPTX
Breaking the Barriers to Agile Adoption in Safety- and Quality-Critical Envir...
bySeapine Software
 
PPTX
Compliance at Velocity with Chef
byJames Casey
 
PPTX
gsa
byAlex Woolfenden
 
PDF
Flight East 2018 Presentation–Black Duck at Docusign
bySynopsys Software Integrity Group
 
PDF
20180529 scaf and cosmic presentaiton s rajagopal
byCharles Symons
 
PDF
FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0
byValdez Ladd MBA, CISSP, CISA,
 
PDF
AOS - Five Monitoring Offering
byNGINX at F5
 
PDF
Work With Federal Agencies? Here's What You Should Know About FedRAMP Assessm...
bySchellman & Company
 
PDF
Using IP Cameras and Advanced Analytics to help Protect Critical Infrastructure
byEnergySec
 
PDF
Webinar: How automation can transform the way you manage your network securit...
byAlgoSec
 
DOC
Iso 9000 iso 9001
bybillgates3970
 
DevSecOps: Security and Compliance at the Speed of Continuous Delivery
byDag Rowe
 
Audit of it infrastructure
bypramod_kmr73
 
Efficient Document Control is Essential to Positive Audit Outcomes
byVeeva Systems
 
HIS 2015: Ivan Ellis - VISIUMCORE A High Integrity Processor for Safety Criti...
byAdaCore
 
The CSA STAR Program: Certification & Attestation
bySchellman & Company
 
ESS Software and Firmware
byPeter Ewers MIET FInstSMM
 
Firewall Rule Recertification - An Application-Centric Approach
byAlgoSec
 
What is a Firewall Risk Assessment?
byVISTA InfoSec
 
Cybersecurity Vendor Considerations
byEnergySec
 
Breaking the Barriers to Agile Adoption in Safety- and Quality-Critical Envir...
bySeapine Software
 
Compliance at Velocity with Chef
byJames Casey
 
gsa
byAlex Woolfenden
 
Flight East 2018 Presentation–Black Duck at Docusign
bySynopsys Software Integrity Group
 
20180529 scaf and cosmic presentaiton s rajagopal
byCharles Symons
 
FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0
byValdez Ladd MBA, CISSP, CISA,
 
AOS - Five Monitoring Offering
byNGINX at F5
 
Work With Federal Agencies? Here's What You Should Know About FedRAMP Assessm...
bySchellman & Company
 
Using IP Cameras and Advanced Analytics to help Protect Critical Infrastructure
byEnergySec
 
Webinar: How automation can transform the way you manage your network securit...
byAlgoSec
 
Iso 9000 iso 9001
bybillgates3970
 

Viewers also liked

PPTX
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
byEnergySec
 
PPT
Nerc Version 3 vs Version5 changes
byKen R Anderson CD
 
PDF
Unidirectional Network Architectures
byEnergySec
 
PDF
RAC Troubleshooting and Diagnosability Sangam2016
bySandesh Rao
 
PPTX
Webinar: Vulnerability Management leicht gemacht – mit Splunk und Qualys
byGeorg Knon
 
PPTX
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
byEnergySec
 
PDF
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
byEnergySec
 
PDF
VMware Product Applicability Guide for NERC CIP v5 Final Version 1.0
byAnthony Dukes
 
PPT
5 STEPS OF CONFIGURATION MANAGEMENT FUNCTIONALITIES
byEric Mariacher
 
PDF
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014
byRisk Analysis Consultants, s.r.o.
 
PPTX
MASTERS OF THE UNIVERSE
byHealthegy
 
PPT
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
byEnergySec
 
PDF
Slide Griffin - Practical Attacks and Mitigations
byEnergySec
 
PDF
10 - CIP-002-5.1 Medley - Carr
byBryan Carr
 
PPTX
OpenStack at Cisco, June 2015
byLora O'Haver
 
PPTX
CIP Version 5 Immersion Workshop
byEnergySec
 
PPTX
Where Are All The ICS Attacks?
byEnergySec
 
PDF
Configuration Management vs. Container Automation
byinovex GmbH
 
PDF
Wireless Sensor Networks: Nothing is Out of Reach
byEnergySec
 
PDF
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
byEnergySec
 
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
byEnergySec
 
Nerc Version 3 vs Version5 changes
byKen R Anderson CD
 
Unidirectional Network Architectures
byEnergySec
 
RAC Troubleshooting and Diagnosability Sangam2016
bySandesh Rao
 
Webinar: Vulnerability Management leicht gemacht – mit Splunk und Qualys
byGeorg Knon
 
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
byEnergySec
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
byEnergySec
 
VMware Product Applicability Guide for NERC CIP v5 Final Version 1.0
byAnthony Dukes
 
5 STEPS OF CONFIGURATION MANAGEMENT FUNCTIONALITIES
byEric Mariacher
 
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014
byRisk Analysis Consultants, s.r.o.
 
MASTERS OF THE UNIVERSE
byHealthegy
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
byEnergySec
 
Slide Griffin - Practical Attacks and Mitigations
byEnergySec
 
10 - CIP-002-5.1 Medley - Carr
byBryan Carr
 
OpenStack at Cisco, June 2015
byLora O'Haver
 
CIP Version 5 Immersion Workshop
byEnergySec
 
Where Are All The ICS Attacks?
byEnergySec
 
Configuration Management vs. Container Automation
byinovex GmbH
 
Wireless Sensor Networks: Nothing is Out of Reach
byEnergySec
 
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
byEnergySec
 

Similar to Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management

PPTX
NERC CIP Training - 5 Days Course
byTonex
 
PPTX
Stop Chasing the Version: Compliance with CIPv5 through CIPv99
byTripwire
 
PPTX
NERC CIP - Top Testing & Compliance Challenges, How to Address Them
byInflectra
 
PDF
NERC v6.0 for ESM Solution Guide
byprotect724rkeer
 
PDF
Keep Your Guard: Stay Compliant and Be Secure
byTripwire
 
PPTX
Build It and They Will Come-Pliant
byJulie Tsai
 
NERC CIP Training - 5 Days Course
byTonex
 
Stop Chasing the Version: Compliance with CIPv5 through CIPv99
byTripwire
 
NERC CIP - Top Testing & Compliance Challenges, How to Address Them
byInflectra
 
NERC v6.0 for ESM Solution Guide
byprotect724rkeer
 
Keep Your Guard: Stay Compliant and Be Secure
byTripwire
 
Build It and They Will Come-Pliant
byJulie Tsai
 

More from EnergySec

PPT
Open Platform for ICS Cybersecurity Research and Education
byEnergySec
 
PPT
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
byEnergySec
 
PPTX
CIP-014-1: Next Steps from an Auditor’s Perspective
byEnergySec
 
PDF
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
byEnergySec
 
PPTX
Red Teaming and Energy Grid Security
byEnergySec
 
PDF
Please, Come and Hack my SCADA System!
byEnergySec
 
PPTX
Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
byEnergySec
 
PPTX
Third Party Security Testing for Advanced Metering Infrastructure Program
byEnergySec
 
PPTX
Lessons Learned for a Behavior-Based IDS in the Energy Sector
byEnergySec
 
PPT
Industry Reliability and Security Standards Working Together
byEnergySec
 
PPTX
Jack Whitsitt - Yours, Anecdotally
byEnergySec
 
PPTX
Sea Changes, Strategic Implications, Board Cyber Perspectives
byEnergySec
 
PPT
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
byEnergySec
 
PPTX
Beyond Public Private Partnerships: Collaboration, Coordination and Commitmen...
byEnergySec
 
PDF
Industrial Technology Trajectory: Running With Scissors
byEnergySec
 
PPT
What the Department of Defense and Energy Sector Can Learn from Each Other
byEnergySec
 
PPTX
Event Correlation Applications for Utilities
byEnergySec
 
PDF
Where Cyber Security Meets Operational Value
byEnergySec
 
Open Platform for ICS Cybersecurity Research and Education
byEnergySec
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
byEnergySec
 
CIP-014-1: Next Steps from an Auditor’s Perspective
byEnergySec
 
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
byEnergySec
 
Red Teaming and Energy Grid Security
byEnergySec
 
Please, Come and Hack my SCADA System!
byEnergySec
 
Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
byEnergySec
 
Third Party Security Testing for Advanced Metering Infrastructure Program
byEnergySec
 
Lessons Learned for a Behavior-Based IDS in the Energy Sector
byEnergySec
 
Industry Reliability and Security Standards Working Together
byEnergySec
 
Jack Whitsitt - Yours, Anecdotally
byEnergySec
 
Sea Changes, Strategic Implications, Board Cyber Perspectives
byEnergySec
 
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
byEnergySec
 
Beyond Public Private Partnerships: Collaboration, Coordination and Commitmen...
byEnergySec
 
Industrial Technology Trajectory: Running With Scissors
byEnergySec
 
What the Department of Defense and Energy Sector Can Learn from Each Other
byEnergySec
 
Event Correlation Applications for Utilities
byEnergySec
 
Where Cyber Security Meets Operational Value
byEnergySec
 

Recently uploaded

PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PPTX
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
PDF
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PPTX
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
PDF
December Patch Tuesday
byIvanti
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PDF
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
PDF
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
December Patch Tuesday
byIvanti
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 

Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management

  • 1.
    Lessons Learned ForNERC CIPv5 Compliance & Configuration Change Management Mark Prince, Entergy Tim Erlin, Tripwire Karl Perman, EnergySec
  • 2.
    Logistics • Panelist discussionfollowed by questions and answers • All lines other than panelists will be muted • Questions via chat function • Audio and slides will be posted within 72 hours
  • 3.
    It’s Interactive 3 Please submityour questions through the control panel to get answers LIVE from our panelists.
  • 4.
    Introductions Mark Prince Manager OTFossil Tim Erlin Director, IT Security and Risk Strategist @terlin Karl Perman VP, Member Services @EnergySec
  • 5.
    NERC CIP V5Pain Points • Asset Identification and Categorization • Change Approval Process • Configuration Management • Compliance Management • Baseline Configuration • Patching • Malware Prevention and Detection • Access Management • Information Protection • Evidence of Compliance • Many manual processes
  • 6.
    General Change Management Process •Develop baseline configurations • Authorize and document changes to baselines • Update baselines within 30 days • Verify security controls • Pre-change Testing – High Impact BCS • Configuration Monitoring – High Impact BCS, EACMS, and PCA © 2015 Energy Sector Security Consortium, Inc. 6
  • 7.
    Configuration Change Management PainPoints • Number and variety of devices • Every time, every change – No exceptional circumstances exemption • Identify security controls affected by the change – CIP-005 and CIP-007 • High Impact needs to have “Double Test” – Once before change, once after change • Automated system vs. manual process © 2015 Energy Sector Security Consortium, Inc. 7
  • 8.
    Evidence • What needsto be maintained • Maintain Documentation • Storage • Automated work flows or manual processes © 2015 Energy Sector Security Consortium, Inc. 8
  • 19.
    Beyond Compliance toCybersecurity
  • 20.
    Q & A MarkPrince Manager OT Fossil Tim Erlin Director, IT Security and Risk Strategist @terlin Karl Perman VP, Member Services @EnergySec

Editor's Notes

  • #10 Role, situation prior to implementation.
  • #11 Role, situation prior to implementation.
  • #12 Role, situation prior to implementation.
  • #14 Role, situation prior to implementation.
  • #17 Key Message; we cover a lot of NERC CIPv5.
  • #18 Key message: We have a real solution, made of actual products, that delivers. Here’s how.
  • #19 Key Message: No one else has the NERC Alliance Network.
  • #20 Key message: This isn’t just about compliance, but about securing critical infrastructure from today’s threats and tomorrows new challenges.