CIPC Executive Comittee Update

CIPC Conference Call

September 16, 2004

Stuart Brindley

CIPC Chair

CIPC Confidentiality - Public

CIPC Executive Committee Activities

● Support to NERC Board 2005 Business Plan Strategic retreat

● CIPC Roles Work flow - developing security guidelines

● Monitor progress and resources of WG/TFs Seiki Harada replaces John Maguire on Standards &

Guidelines WG

● Relationship with governments

● Opportunities...

NERC 2005 Business Plan

● Recognizes need to increase scope and intensity of CIPC efforts

● Identified CIPC strategic objectives and major work items

● Includes additional NERC staff person dedicated to CIPC

● Request approval at October NERC Board meeting

CIPC Strategic Objectives - 2005

• Further develop ISAC capability

• Improve coordination and relationships with governments

• Develop National Infrastructure Protection Plan

• Develop methods to deter, mitigate and respond to attack

• Enhance SCADA and process control security

• Address cyber & physical security Blackout recommendations

NERC Board Strategic Retreat

● From NERC Readiness Audits, develop a plan for identifying and communicating: Best practices Commonly identified areas for improvement

● Update NERC’s response plan in the event of a significant system disturbance or emergency event

● Coordinate NERC and FERC operator training studies

● Increase the intensity and commitment of stakeholder contributions to Committees

● Clarify the role of the Regions

● More proactive with governments - regulatory, security

CIPC Relationships & RolesElectricity Sector - Critical Infrastructure Protection

Risk Assessments Threats Early Warning Operational Response

Electricity Industry Associations:• North American Electric Reliability Council• Edison Electric Institute• American Public Power Assoc.• National Rural Electric Co-op Assoc.• Canadian Electricity Association

CIP Committee *Executive Committee

ESISAC SubcommitteeSecurity Planning SubcommitteeWorking Groups & Task Forces

ELECTRICPOWERSYSTEM

OPERATION

PHYSICALINFRASTRUCTURE

INFORMATIONTECHNOLOGY

ELECTRICITY SECTOR ENTITIESUtilities, Transmitters, Generators, Distributors, Independent System/Market Operators

OPERATIONS PHYSICAL AND CYBER SECURITY EMERGENCYMANAGEMENT

PUBLIC HEALTH &SAFETY

CRITICAL INFRASTRUCTURE PROTECTION

NERC LeadershipTechnical Steering Ctee

Other NERC Standing CteesOC, PC, MC, etc

US:Department of Homeland Security (DHS)Department of Energy (DOE)Federal Energy Regulatory Commission (FERC)Canada:Public Safety & Emergency Preparedness Canada (PSEPC)Natural Resources Canada (NRCan)

Federal, Provincial and State Governments

14 ISACsSector Coordinators & ISAC Council

Executive Committee:• Identify strategic objectives and priorities• Respond to requests from NERC leadership, governments and industry associations• Identify needs to Working Groups/Task Forces• Seek active contribution of CIPC members.• Schedule and lead CIPC meetings• Support NERC President as Sector Coordinator

Subcommittee Working Groups & Task Forces:• Define scope, deliverables, milestones and resource requirements• Provide periodic status of milestones, deliverables to Executive Committee• Conduct Working Group/Task Force meetings.• Assign tasks to Committee members

NERC Staff:• Arrange meeting facilities such as physical space or conference calls• Provide administrative support• Act as primary contact with governments, decide responses with Executive Committee• Operate the ESISAC

CIP Committee Roles *

CIPC Work Flow - Security Guidelines

Identify need

Approve scope & resources

CIPC review and approvalto forward to NERC Board

Post “final document” for public review

Prepare “final document”

Forward “content draft” to Standards & Guidelines WG for:• consistency with existing Standards & Guidelines • final format

CIPC approval of “content draft”

Submit “content draft” for CIPC approval

Prepare “content draft”

Prepare scope and identify resources

Prioritize & assign to Working Group/Task Force

Executive Committee Standards & Guidelines WG NERC StaffCIPC Members Working Group/Task Force

Prepare “final draft”

Review “content draft”

Review scope

2 weeks 2 weeks

1 week

1 week

1 week

Scope-dependent

As versions developed

Within days

Within days

Facilitate meetings& conference calls

Coordinate review of otherNERC Committees as appropriateScope-dependent

Relationships with Governments

● Canada-US Outage TF report - prioritize actions

● DHS interface with NERC as Sector Coordinator, ESISAC, ISAC Council NERC President, CIPC Chair are Sector Coordinators

● Aug 31/04 meeting with senior DHS officials (NERC, EEI, AGA)

● Response to large-scale emergencies (eg. Blackout, hurricanes)

● Multi-national CIP initiative - assess opportunity industry and governments Australia, New Zealand, US, Canada

Canada-US Outage TF Report

● High visibility by governments - life of Task Force extended by 1 year

● 16 of 46 recommendations related to CIP many require coordination with other NERC

Committees (esp. Operating and Planning)

● Actions underway within CIPC many during 2004 some through 2005… and beyond

Sector Coordinators/ISAC Council

Mission:To advance the physical and cyber security

of the critical infrastructures of North America by establishing and maintaining a framework for valuable interaction between and among the ISACs and with government

Sector Coordinator/ISAC Council Initiatives

● Single forum for DHS to interface with all 14 critical infrastructure sectors who’s who ? Include Sector-Specific Agencies (eg. DoE)

● Matrix project - sharing structure, scope of each ISAC

● Interdependency Task Force - proposed 3 tabletop exercises to DHS

● Media/Outreach - key public messages communicating what is being done

● Physical/Cyber - integrating these functions

● Emergency Notification System (ENS) and conference bridge in place

Opportunities...

● Improved coordination with government 2-way information sharing, risk assessment

● Industry outreach to the public regarding CIP threats and incidents… as we did during the Blackout

Sector Coordinating CouncilPCIS/Sector Coordinators

ISACs

Government Coordinating CouncilDHS

Sector-Specific Agencies (eg.DoE)

Opportunities...

● Growing the ESISAC During response mode, can’t just be NERC staff Leverage CIPC participants:

Subject matter expertise Getting the right resources, right away

Coordinate with Operations Timely and effective support of government

Building the DHS Relationship

August 31, 2004 Meeting

Nebraska Ave.

Washington DC

Participants

DHS: Bob Liscouski, Al Martinez-Fonts, Jim

Caverley, Bill Flynn, Taralyn Riordon

Electricity, Gas Sectors: Stuart Brindley, Bob Canada, Pat Laird,

Lyman Shaffer

Meeting Objectives

● Recognize successful initiatives with DHS

● Demonstrate the commitment of asset owner/operators, and support of industry associations NERC, EEI, AGA, others Sector Coordinators, ESISAC, ISAC Council

● Improve 2-way communication between industry and DHS

Recognizing Successes● NERC ESISAC project with Homeland Security

Information Network (HSIN)

● ES contribution to NIPP (energy annex)

● Canada-US interdependency exercise

● NERC Security Standards, Guidelines and Workshops

● Cyber intrusion detection system pilot

● Security clearances with some industry players

● Regional gas reliability studies

● ESISAC support during emergencies (eg. hurricanes)

DHS and Industry Roles

● Industry sees too many CIP contacts with government agencies

● Not all Sector Coordinators or ISACs reach across their entire sector NERC is Sector Coordinator and operates

ESISAC CIPC reaches broadly across electric sector DHS to formally recognize NERC through

provisions of Federal Advisory Committee Act

Opportunities for Improvement

● Threat assessment and info-sharing industry decision-makers with security clearances

● Early consultation to facilitate DHS initiatives

● Support DHS’ National Infrastructure Coordinating Centre (NICC) Situation-dependent

● Protection of Critical Infrastructure Information (PCII) Some time until appropriate protection is in place

● DHS establishing liaison in 68 Secret Service field offices