NERC CIP | Dell SecureWorks

NERC CIP

NERC CIP Utility Compliance Solutions

NERC CIPThe North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to “ensure that the bulk electric system in North America is reliable, adequate and secure.” As the federally designated Electric Reliability Organization (ERO) in North America, NERC maintains comprehensive reliability standards that define requirements for planning and operating the collective bulk power system. Among these are the Critical Infrastructure Protection (CIP) Cyber Security Standards, which are intended to ensure the protection of the Critical Cyber Assets that control or effect the reliability of North America’s bulk electric systems.

In 2006, the Federal Energy Regulatory Commission (FERC) approved the Security and Reliability Standards proposed by NERC, making the CIP Cyber Security Standards mandatory and enforceable across all users, owners and operators of the bulk-power system.

Dell SecureWorks has extensive experience partnering with utility providers and we can help you improve your security and compliance posture while reducing costs. As described below, many of our Managed Security Services align directly with the NERC CIP Standards, allowing you to easily meet and exceed the requirements they set forth.

NERC CIP Cyber Security Standards

Standard

Summary of Requirements

Solutions

CIP-003 Security Management Controls

Policies with adherence monitoring and change control must be documented and in place.

Change control policies and processes must be adhered to.

Definitions and documentation on access control levels for critical assets such as Internet facing systems and critical backend solutions. Solutions should be in place to mitigate risks.

    How does Dell SecureWorks Help?

  • Managed Firewall
  • Managed Intrusion Prevention and Detection

 

CIP-005 Electronic Security Protection

An Electronic Security Perimeter should be established that provides the following:

  • Disable ports and services that are not required
  • Monitor and Log Access 24x7x365
  • Perform Annual Vulnerability Assessments (at a minimum)
  • Documentation of Network Changes

    How does Dell SecureWorks Help?

  • Managed Firewall
  • Security Monitoring

 

CIP-007 Systems Security Management

All methods, processes and procedures for securing Critical Assets and all technology solutions should be well-defined and include automated controls. System and network events should be monitored automatically with alerts sent to key personnel.

An annual vulnerability assessment should be performed.

    How does Dell SecureWorks Help?

  • Managed Intrusion Prevention and Detection
  • Managed Host Intrusion Prevention
  • Security Monitoring
  • SIM On-Demand

 

CIP-008 Incident Response and Reporting

All cyber security incidents should be addressed by an internal computer incident response team (CIRT) and reported to the Electricity Sector Information Sharing and Analysis Center (ES ISAC).

    How does Dell SecureWorks Help?

  • Managed Firewall
  • Managed Intrusion Prevention and Detection
  • Managed Host Intrusion Prevention
  • Security Monitoring
  • SIM On-Demand

 

Additional Resources

Security Services for Utilities

energysec-founders

Next Steps

Contact Us Call Us Today
(877) 838-7947
UK +44 131 260 3044

ENTERPRISE SOLUTIONS

SMB SOLUTIONS

Online Tools

  • Print this Page
  • Share This Resource






By completing this form you'll be opting in to receiving future communications about products and services from Dell SecureWorks.