ero enterpriseit strategy and it projects update highlights and minutes/combined...• nasdaq bwise...
TRANSCRIPT
ERO Enterprise IT Strategy and IT Projects UpdateStan Hoptroff, Vice President, Chief Technology Officer and Director of Information TechnologyTechnology and Security Committee Conference CallAugust 9, 2018
RELIABILITY | ACCOUNTABILITY2
Agenda
• ERO IT Strategy Update Data and Analytics Collaboration and Information Sharing Standards and Compliance Technology Platforms
RELIABILITY | ACCOUNTABILITY3
Agenda
• ERO IT Projects Update Compliance Monitoring and Enforcement Program (CMEP) Technology
Project Entity Registration/Standards Situation Awareness for FERC, NERC and the Regional Entities (SAFNR) Southwest Power Pool, RE (SPP RE) Dissolution Electricity Information Sharing and Analysis Center (E-ISAC) Technology
Update
• Priorities Looking Ahead
RELIABILITY | ACCOUNTABILITY4
Data and Analytics
• 2018 Business Intelligence tool updates and user adoption initiatives User and Entity Information Federation - planning and design (coordinated
with Entity Registration work)
• 2019 Geomagnetic Disturbance (GMD) Data Collection on xRM Platform
RELIABILITY | ACCOUNTABILITY5
Data and Analytics
• 2020 Generating Availability Data System (GADS) Solar Data Collection on xRM
Platform GADS data warehouse updates Misoperation Information Data Analysis System/GADS data relationships
• 2021 and Beyond GADS replacement, Transmission Availability Data System replacement;
Demand Response Availability Data System replacement
RELIABILITY | ACCOUNTABILITY6
• 2018-2020 Ongoing migration of external business activities to new Extranet Remaining migration of internal business activities to new Intranet
• 2021 and Beyond Replace public-facing web site with Content Management System (CMS) Announcements and Alerts via our Microsoft Dynamic (xRM) platform Discussion groups, supporting committees, and working groups instead of
Lyris lists
Collaboration and Communications
RELIABILITY | ACCOUNTABILITY7
• 2018 CMEP process harmonization, initial design work, Infrastructure
• 2019 Entity Registration deployed and integrated with new CMEP tool Standards as Data deployed and integrated with new CMEP tool Standards Export for registered entities CMEP Tool Release 1: Self Reports, Enforcement, Mitigation
• 2020 CMEP Tool Release 2: Compliance Monitoring CMEP Tool Release 3: Reliability Risk, Implementation Plan, Compliance
Oversight Plan, Inherent Risk Assessment, Internal Controls Evaluation
Standards and Compliance
RELIABILITY | ACCOUNTABILITY8
• Nasdaq BWise Governance, Risk, and Compliance (GRC) Platform for CMEP
• Ingenuix CMS for the E-ISAC• xRM for ERO applications• Microsoft SharePoint for ERO and NERC collaboration
Technology Platforms
RELIABILITY | ACCOUNTABILITY9
Software Platform Value Accumulation
1000 1000 1000 1000
100 100 100
100 100
100
1000 FP
1100 FP
1200 FP
1300 FP
Base Product Vendor Enhancements NERC Enhancements Upgrade Enhancements
Soft
war
e Fu
nctio
n Po
ints
Careful planning and upgrade-safe development provides consistently increasing value over time
NERC pays a vendor to add functionality
NERC developersadd more functionality
Platform Upgradeadds more functionality
RELIABILITY | ACCOUNTABILITY10
ERO IT Projects Update
RELIABILITY | ACCOUNTABILITY11
CMEP Technology Project Benefits and Beneficiaries
Standardization and implementation of common business processes and workflows, enabling increased productivity
Single, common portal for registered entities, enabling consistency of experience
Improved capability to support the Risk-Based Compliance Oversight Framework
Increased capability to implement audit best practices and processes
Enhanced quality assurance and oversight, enabling consistent application of the CMEP
Improved analytics, including visibilityinto compliance and reliability risks
Real-time access to information, eliminating delays and manual communications
Reduced application costs across the ERO Enterprise ($548k annual savings)
EntitiesNERC RegionsERO Enterprise Registered
RELIABILITY | ACCOUNTABILITY12
• Process Harmonization Schedule Self-Report – Sharing current thinking with stakeholders (Compliance and
Certification Committee Alignment Working Group (CCC-AWG)) Enforcement Processing - Underway Mitigation Plan Creation and Tracking - Underway Self-Certifications – Periodic Data Submittals (September) Compliance Audit and Spot Check (October) Compliance Planning (November)
CMEP Technology Project Update
RELIABILITY | ACCOUNTABILITY13
CMEP Technology Project Update
• BWise vendor licensing and hosting agreements completed • Project plan completed – Will revise as needed• Project communications – Completed and being executed• Training Needs Assessment – Under development• Change Management Plan – To be developed • Support resource on-boarded
RELIABILITY | ACCOUNTABILITY14
CMEP Stakeholder Engagement and Communications Plans
• CCC AWG
• Other standing committees and subcommittees• Regional committees and groups• Trade organizations and other groups• Canadian and Mexican entities
RELIABILITY | ACCOUNTABILITY15
CMEP Top Steering Committee Issues
• Ensuring stakeholder involvement and registered entity readiness
• International entities• Conversion of historical data• Data protection and security • FERC access
RELIABILITY | ACCOUNTABILITY16
Entity Registration and Standards as Data
• Updated business case for the ERO Technology Leadership Team (TLT) - August 14, 2018
• Standards and registration data integration with BWise (Q3 2019)
RELIABILITY | ACCOUNTABILITY17
SPP RE Dissolution
• Majority of data migration completed• Useful knowledge gained from data migration efforts, applicable
to the CMEP Technology Project• Number of test cases executed - 150
RELIABILITY | ACCOUNTABILITY18
SAFNR Upgrade
• Key required features for a new version of SAFNR Ability to control views for NERC, FERC, Regional Entities, and Reliability
Coordinators Request and vetting process for new and existing users Facilities search function Trending capability for historical data Visual indicator for change in status Alerting for transmission and generation outage Ability to perform user-defined data aggregation
• Business case, RFP, and ERO-TLT approval during 2018
RELIABILITY | ACCOUNTABILITY19
E-ISAC Technology Update
• E-ISAC Portal User communities delivered June 28 • Continue to deploy and deliver enhancements to data analytics
capabilities (people, data, tools)• Integration with machine-to-machine applications, other threat
intelligence feeds, and malware analysis tools (DOE)
RELIABILITY | ACCOUNTABILITY20
Priorities Looking Ahead
• CMEP Technology Project Business Process Harmonization• Business Case for SAFNR• Additional functionality for the E-ISAC portal Additional authentication enhancements Additional user interface/experience enhancements, content editing, and
editorial management and digital asset management (Version 10 - 2019) New ability to track client actions and track engagement, target content,
and deploy personalized content (Version 11 - 2020)
• Additional analytical capabilities for the E-ISAC, with a focus on the “analyst workbench/data warehousing”
RELIABILITY | ACCOUNTABILITY21
1 RELIABILITY | RESILIENCE | SECURITY
RELIABILITY | RESILIENCE | SECURITY
E-ISAC Update
Bill Lawrence, Director of the E-ISACWebinarAugust 9, 2018
2 RELIABILITY | RESILIENCE | SECURITY
Agenda
• Mission and vision• E-ISAC Long-term Strategic Plan framework• Key activities update• Overview of 2018 Q1/Q2 accomplishments
3 RELIABILITY | RESILIENCE | SECURITY
MissionThe E-ISAC reduces cyber and physical security risk to the
electricity industry across North America by providing unique insights, leadership, and collaboration
VisionTo be a world-class, trusted source for the quality analysis and
rapid sharing of electricity industry security information
Mission and Vision
4 RELIABILITY | RESILIENCE | SECURITY
Vision: To be a world class, trusted source of quality analysis and rapid sharing of electricity industry security information
Supported by:• NERC Board of Trustees• Electricity Subsector Coordinating Council (ESCC)• ESCC Members Executive Committee (MEC)
E-ISAC Strategic Plan
EngagementAnalysisInformation Sharing
Accelerate sharing and high priority
notifications
Enhanceportal
Improveinformation flow
and security
CRISP CYOTE CAISS Strategic Vendor
Partnerships
Hire and developexceptional employees
Leverage information sharing
technologies and resources
to enhance analytical capability
Prioritize products and
services
Metricsbenchmarking
Evaluate 24x7
Operations(future)
Build trust and show value
World Class ISAC
Strategic Framework
5 RELIABILITY | RESILIENCE | SECURITY
Key Activities Update
Team• Multiple new technical certifications and new hires
Engagement• Completed five cycles of Industry Engagement Program with 17 cyber
and physical analysts• Cyber Mutual Assistance• Japan Electricity ISAC and European Energy ISAC• GridSecCon 2018
Technology pilots and programs• Cyber Risk Information Sharing System (CRISP)• Cyber Automated Information Sharing System (CAISS)• E-ISAC Portal
6 RELIABILITY | RESILIENCE | SECURITY
2018 Q1 and Q2 Deliverables
Q1 Q2
30 60 90 30 60 90
Info
rmat
ion
Shar
ing
Enhance Portal
Improve information accessJoin quarterly DHS secure video teleconference tests with industry clearance holders
Obtain credentials for staff access to DHS National Cybersecurity and Communications Integration Center
Develop detailed roadmap and begin implementations of portal enhancements including potential data visualization, enhanced authentication, user management and registration
Circulate draft GridEx IV reports Release GridEx IV reports
Build work plan with ESCC and CIPC to accomplish GridEx recommendations and lessons learned
Ongoing projects Significant progressLegend:
Deliver Email Notifications with Content
Implement User Communities
Accelerate sharing and high-priority notificationsEstablish and exerciseCritical Broadcast process
Develop strategic vendor partnerships
Develop and pilot CAISS information sharing capabilities
Deploy HF capability
Gather requirements, develop plan, issue RFP for Event Management tool
7 RELIABILITY | RESILIENCE | SECURITY
2018 Q1 and Q2 Deliverables
Q1 Q2
30 60 90 30 60 90
Anal
ysis
Acquire and develop high quality resources
Leverage technology
Evaluate new analytical capabilities
Enhance CRISP data analysis
Evaluate deployment of DOE malware forensics tools and dropbox
Metrics benchmarking
Hire additional cyber analysts
Develop requirements and issue RFP for contracted analyst supportDevelop embedded industry augmentation program
Develop and pilot CAISS analytic capabilities
Benchmark security metric data
Continue work with CIPC Security Metrics Working Group
Hire physical security manager and analyst
Implement embedded industry augmentation program
Gather requirements and issue RFP for data warehouse and analyst workbenchPrioritize products and services with MEC Working Group
8 RELIABILITY | RESILIENCE | SECURITY
2018 Q1 and Q2 Deliverables
Q1 Q2
30 60 90 30 60 90
Enga
gem
ent
Hire Member Services manager
Strengthen private sector relationships (e.g., SANS, CEATI, etc.)
Expand industry relationships and collaboration
Promote unclassified workshopsBuild trust and value via user communities
Strengthen governmental, institutional, and private sector relationshipsEstablish recurring meetings with DOE, DHS, FERC OEIS
Add CRISP participants
Establish MOU with Canadian Cyber Incident Response Centre
SANS ICS Summit
MEC and CIPC MEC and CIPC
Establish monthly CRISP classified workshops with DOE and Pacific Northwest National Laboratory
Continue work on trilateral MOU with Japan E-ISAC and European Energy ISAC
GridSecCon strategic planning GridSecCon call for presentations and training
Enhance Energy (DNG, ONG) and cross-sector ISAC relationships (Water, Auto, REN, Nuclear, Comms, FS)
Define relationship with Cyber Mutual Assistance program
Develop user community governance and additional portal requirements
MEC
Develop User management registration requirements
9 RELIABILITY | RESILIENCE | SECURITY