ELECTRICITY SECTOR CRITICAL INFRASTRUCTURE PROTECTION - PowerPoint PPT Presentation

Loading...

PPT – ELECTRICITY SECTOR CRITICAL INFRASTRUCTURE PROTECTION PowerPoint presentation | free to download - id: 3c699b-MmI0N



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

ELECTRICITY SECTOR CRITICAL INFRASTRUCTURE PROTECTION

Description:

ELECTRICITY SECTOR CRITICAL INFRASTRUCTURE PROTECTION Background Materials for Presentation by Lou Leffler North American Electric Reliability Council – PowerPoint PPT presentation

Number of Views:41
Avg rating:3.0/5.0
Slides: 16
Provided by: rffOrgrf
Learn more at: http://www.rff.org
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: ELECTRICITY SECTOR CRITICAL INFRASTRUCTURE PROTECTION


1
ELECTRICITY SECTORCRITICAL INFRASTRUCTURE
PROTECTION
  • Background Materials for Presentation by
  • Lou Leffler
  • North American Electric Reliability Council
  • Forum on U.S. Energy Security
  • Traditional and Emerging Challenges
  • 28 January 2002
  • Resources for the Future, Washington DC

2
The Electricity SectorSECURITY Physical,
Cyber, Operations
  • Many types of entities own and operate
    transmission and generation systems
  • Reliability responsibilities are shared across
    several levels and institutions
  • Multiple regulators (roughly 62)

3
Critical Infrastructure Interdependencies (A few
of the many)
TELECOM
OIL/GAS
FIN SVCS
ELECTRICITY
NS/EP
IT
EM SVCS
WATER
TRANSP
ISAC
4
Electric Sector Industry Sector Advisory
Committee (ES-ISAC)
  • Receive incident data from Electric Supply
    entities
  • Assist the National Infrastructure Protection
    Center (NIPC) in its analyses
  • Disseminate threat and vulnerability assessments
  • Liaison with other ISACs
  • Share best practices and lessons learned
  • Analyze sector interdependencies
  • Participate in infrastructure exercises

5
Assessments
  • Threats, Vulnerabilities, Risk, Plans (Avoidance,
    Assurance, Detection, Restoration), Risk
    Management, Review
  • Red, Gray, and Blue Assessing Threat,
    Environment, Self
  • Highly formal assessments
  • Dams
  • Transmission
  • Professional
  • Physical and cyber
  • National Labs program

6
Issue Data Security
  • System data
  • System plans
  • System Maps
  • Filed reports FERC, DOE, State/Local
  • Internet sites

7
Other Critical Infrastructure Protection Issues
  • Physical security over the long term
  • Process controls
  • Timely and actionable information sharing
  • Common interpretation of Threat Alert Levels
  • Secure and reliable communications
  • Legislation FOIA, Practices

8
Additional CIP Info
  • IAW Program
  • Business Cases for Action
  • Approach to Action
  • lthttp//www.nerc.comgt
  • ltesisac_at_nerc.comgt
  • (609-452-8060)
  • PCIS
  • lthttp//www.pcis-forum.orggt

9
Indications, Analysis and Warnings (IAW) Program
NERC NIPC
  • Incident reports
  • From any verified ES Entities to the NIPC
  • Physical and cyber
  • Analysis with other information
  • Assessments, Advisories, Alerts
  • From NIPC to ES Entities
  • Actionable
  • Voluntary
  • NERC North American Electric Reliability
    Council
  • NIPC National Infrastructure Protection Center

10
Threat Alert Levels - Goals
  • Define Threat Alert Levels issued by the ES-ISAC
  • Physical Cyber Operational
  • Normal Low Medium High
  • Specificity Sector, Geographical, Object (eg
    named facility or type).
  • Guidelines (non-prescriptive examples) of
    security measures that ES entities may consider
    taking, based on Threat Alert Level
  • Physical Cyber Operational
  • Consistent Threat Alert Levels with the threat
    information received by the ES-ISAC from
    Government sources and other ISACs.

11
Communications
  • Communications with Organizations
  • Variety of channels
  • Communications within Organizations
  • Operations
  • Physical Security
  • Cyber Security, IT, Telecom

12
Business Cases for Action
Five targeted audiences
Chief Executive Officer Chief Information
Officer Operations Executive NERC
Leadership General Industry Reader
13
Approach to Action (AtA)
What is the AtA?
A reference for the Electricity Sector. Presents
a range of actions in response to CIP. Encourages
an organization to size up its own situation and
choose appropriate Actions for itself. A
work-in-progressa living document.
14
National Strategy
15
Partnership for Critical Infrastructure Security
(PCIS)
  • PCIS Working Groups
  • Interdependencies
  • Information Sharing
  • Public Policy and Legislation
  • Research and Development
  • National Plan
About PowerShow.com