Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session

Critical Infrastructure Protection Committee Report to

NERC Standing Committeesin Joint Session

Long Beach, CA

March 2005

Public Release

2

Topics Cyber Security Standard CIP-001-009

Larry Bugh Government – Private Sector coordination

Pat Laird National Infrastructure Protection Plan

Jim McGlone National Response Plan

Jim McGlone Electricity Sector Info Sharing Analysis Center

Lou Leffler

3

Cyber Security Standard CIP-001-009

● 61 sets of comments on Draft 2 DT met Mar. 3/4 to review 2 Tech Editors now on board

● DT meets again Mar. 21/22 Review total package Finalize Draft 3 Finalize draft 2 Implementation Plan

4

Cyber Security Standard CIP-001-009

● Major Areas of work Refine definitions Resolve consistency Match Requirements & measures Extend Implementation Plan

● Anticipate posting Draft 3 Apr. 15th

5

Government – Private Sector Coordination

● Homeland Security Presidential Directive – 7

● Department of Homeland Security

● Sector Specific Agencies Energy: Department of Energy

● Private Sectors

● National Infrastructure Protection Plan

(Work in process)

7

Electricity Sector Coordinating Council

● CIP Committee Executive Committee

● President / CEO NERC

● Presented to DHS; awaiting expected affirmation

National Infrastructure Protection PlanNIPP

Jim McGlone

Department of Energy

National Response PlanNRP

Jim McGlone

Department of Energy

http://www.esisac.com

http://www. isaccouncil.org

12

Communications

Threat Advisory Listserv (TAL) Critical Infrastructure Protection

Information System (CIPIS) Homeland Security Information Network

(under development) US-CERT Portal Telephone and conference calls GETS

13

REPORT INCIDENTS TO 1. LOCAL LAW ENFORCEMENT (Establish and maintain relationship.)

2. LOCAL FBI, PSEPC, RCMP, USSS (Establish and maintain relationship.)

3. ESISAC secure messaging: https://www.nerc.net/cip email: [email protected] tel: 609-452-1422 (anytime) fax: 609-452-9550 (day)

4. National Infrastructure Coordination Center (DHS IAIP) secure messaging: https://www.nerc.net/cip email: [email protected] tel: 202-282-9201 fax: 703-487-3570

14

15

Reports:

● From the ES,

● Together with other critical infrastructures,

● And intelligence sources:

May help the DHS to:

16

1. Does the ESISAC have your 24x7 contact? Are there multiple contact points and communications available?

2. Is a security decision-making process in place?3. How will your organization’s physical and cyber

security decision-makers get notified? Are there backup communications?

4. Is there a means in place to communicate decisions to action-takers? A backup?

5. Consider responses in accordance with the “Threat Alert Systems and Physical / Cyber Response Guidelines for the Electricity Sector”.

Some Things to Think About

17

Activities

● Back Up Location for ESISAC

● Telecommunications Electric Service Priority (TESP) program

● TopOff – 3

TY