@RFirst_Corp Follow us on LinkedIn and Twitter Forward Together - PowerPoint PPT Presentation



  1. @RFirst_Corp Follow us on LinkedIn and Twitter Forward Together • ReliabilityFirst

  2. Enforcement Trends & Addressing Silos – Patrick O’Connor, Counsel; Kristen Senk, Senior Counsel

  3. Agenda Topics • Update on enforcement trend data • Overview of CIP themes • Panel discussion on addressing organizational silos

  4. Most Violated Standards – 12 Month Rolling Count (number of violations): CIP-007 (132), CIP-010 (90), CIP-004 (63), CIP-006 (31), PRC-024 (23), CIP-005 (17), MOD-025 (17), PRC-005 (16), PRC-019 (13), CIP-011 (12)

  5. Disposition Method – bar chart of violation counts for 2016, 2017 and 2018 by disposition method (Dismissal/CE, FFT, Settlement); vertical axis 0–350

  6. Detective Controls – Average Days from Start Date to Report Date, by date reported: 2014: 746; 2015: 671; 2016: 293; 2017: 329; 2018: 310

  7. 2018 CIP Themes Report • Purpose: Identify themes in violations with the CIP Standards; suggest potential resolutions • Collaboration: RF, WECC, and SERC worked with Registered Entities to identify the themes and resolutions • Second Edition: First edition in 2015

  8. CIP Themes – pie chart of the share of violations in each of four themes: Disassociation, Organizational Silos, Inadequate Tools, Lack of Awareness (shares shown: 45%, 29%, 15%, 11%). * The graph represents the violations that concern the more significant CIP compliance deficiencies.

  9. Theme – Organizational Silos • Lack of coordination between departments, business units, and different levels of management. Diagram: Vertical Silos (between business units or departments) and Horizontal Silos (between layers from the top down)

  10. Organizational Silos Panel Discussion – Thomas Breene, Assistant General Counsel, Exelon Corporation Business Services; Bill Edwards, Managing Senior Corporate Counsel, Midcontinent Independent System Operator; Kristina Pacovsky, Manager FERC/NERC Compliance, WEC Energy Group

  11. Questions & Answers

  12. GridEx IV Exercise Overview April 26, 2018 Columbus, OH

  13. Slide 1 of 237

  14. GridEx IV Exercise - 2017 • NERC conducted its fourth biennial grid security and emergency response exercise, GridEx IV, on November 15–16, 2017 • GridEx IV consisted of a two-day distributed play exercise and a separate executive tabletop on the second day • The exercise provided an opportunity for stakeholders in the electricity sector to respond to simulated cyber and physical attacks affecting the reliable operation of the grid

  15. Cyber Attack Scenario • Cyber-attacks targeted corporate networks and industrial control systems (ICS) such as process control systems, energy management systems, distribution management systems, and supervisory control and data acquisition systems (SCADA) used to operate generating units, transmission substations, and control centers. The attacks disrupt the ability of power system operators to monitor and control the reliability of the bulk power system (BPS)

  16. Physical Attack Scenario • Simultaneous physical attacks against certain generation, transmission, and control center facilities cause large-scale power outages, while avoiding immediate and deliberate degradation to the level that would move the exercise into black start restoration plan scenarios. Voice and data communications systems used by BPS operations and security personnel are also affected by physical attack, hindering their ability to respond to the situation

  17. Communications Challenges • GridEx IV also provided participating organizations with the opportunity to exercise how they receive and share information with external stakeholders, including customers, local government officials, and the general public

  18. GridEx IV Exercise - Objectives • Exercise incident response plans • Expand local and regional response • Engage critical interdependencies • Improve communication • Gather lessons learned • Engage senior leadership

  19. GridEx IV Exercise - Participation

  20. GridEx Exercise – Lessons Learned • Some exercise scenarios or “moves” require more integration into the master scenario • More active Lead Planners • Greater Cross-Sector Participation • E-ISAC Portal Improvements • EEI and the E-ISAC should work together to further operationalize the Cyber Mutual Assistance (CMA) Program

  21. GridEx IV Exercise – RF Participation • Engaged the EASA, IT, and Corporate Communications Teams, and the CSO • EASA “played” in our normal roles following the master scenario events as played out by electric utilities in our footprint • IT “played” by responding to a custom scenario which was created and played out simulating an RF data breach event

  22. GridEx IV Exercise – RF Participation (cont.) • Corporate Communications “played” following the exercise master scenario events as played out by electric utilities and also responding to the RF data breach event, coordinating with IT, the CSO, and Executives • The CSO “played” by responding to and interacting with EASA, IT, Corporate Communications, and Executives for both the master scenario events and the custom RF data breach scenario • Support was provided by the Enforcement Team acting as RF users affected by the RF Data Breach event

  23. GridEx IV Exercise – RF Lessons Learned • Procedure and Process updates • Tools updates and training • Communication protocol updates (internal & external) • Emergency response action updates • Increase RF IT involvement in future exercises to test our response capabilities more completely

  24. GridEx IV Exercise – Follow on Activities • Review and comment on the GridEx IV After Action Report • Review and implement Lessons Learned • Planning for GridEx V in 2019 • FERC Cyber Planning for Response and Recovery (CyPReS) Study

  25. Why participate in GridEx Exercises? • It’s fun! Just ask your Lead Planner… • It’s customizable! • Industry participants take part from their regular work locations • Provides an opportunity for utilities to demonstrate how they would respond to and recover from simulated coordinated cyber and physical security threats and incidents • Strengthen your crisis communications relationships

  26. Slide 237 of 237

  27. Questions & Answers

  28. Project 2016-02 CIP Modifications Standard Drafting Team Outreach Slides

  29. Agenda • Project 2016-02 Scope • CIP-002: o Modifications o Planned and Unplanned Changes • CIP-012: o Modifications • Control Center Definition • V5TAG Transition Document: o Definitions o Virtualization RELIABILITY | ACCOUNTABILITY

  30. SAR – FERC Directives • Per paragraph 53, “…the Commission concludes that modifications to CIP-006-6 to provide controls to protect, at a minimum, communication links and data communicated between bulk electric system Control Centers are necessary in light of the critical role Control Center communications play in maintaining bulk electric system reliability. Therefore, we adopt the NOPR proposal and direct that NERC, pursuant to section 215(d)(5) of the FPA, develop modifications to the CIP Reliability Standards to require responsible entities to implement controls to protect, at a minimum, communication links and sensitive bulk electric system data communicated between bulk electric system Control Centers in a manner that is appropriately tailored to address the risks posed to the bulk electric system by the assets being protected (i.e., high, medium, or low impact).”

  31. SAR – V5TAG Items • Cyber Asset and BES Cyber Asset (BCA) Definitions: o Clarify the intent of “programmable” in Cyber Asset. o Clarify and focus the definition of “BES Cyber Asset”. • Network and Externally Accessible Devices: o Improving clarity within the concepts and requirements. • Transmission Owner (TO) Control Centers Performing Transmission Operator (TOP) Obligations – Clarify: o the applicability of requirements on a TO Control Center that performs the functional obligations of a TOP, particularly if the TO has the ability to operate switches, breakers and relays in the BES; o the definition of Control Center; o the language scope of “perform the functional obligations of” throughout the Attachment 1 criteria.
