SlideShare una empresa de Scribd logo

NESCO Year 2 Overview

Descargar como PPTX, PDF
EnergySec
EnergySec

Patrick Miller, NESCO's Principal Investigation, presented the current state of the NESCO program. This presentation covered the various outreach efforts we have planned this year and into 2013; the goals of the NESCO program project management plan; the new NESCO website and the community-based wiki activities; and, the NESCO organizational membership opportunity.

TecnologíaEmpresariales
1 de 26
NESCO Update: Year Two Webinar National Electric Sector Cybersecurity Organization September 7 2012
Webinar Logistics  All participants are muted  Ask questions via GoToMeeting Q&A panel  Use Twitter hashtag #NESCO  Webinar is being recorded  Presentation and recorded webinar will be available at www.us-nesco.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 2
NESCO Legislative Origin  R. 3183 “...the Secretary shall establish an independent national energy sector cyber security organization...” – Department Of Energy issued FOA on March 31, 2010  Purpose is to “establish a National Electric Sector Cyber Security Organization that has the knowledge, capabilities, and experience to protect the electric grid and enhance integration of smart grid technologies that are adequately protected against cyber attacks.”  “This organization will serve as a focal point to bring together domestic and international experts, developers, and users who will assess and test the security of novel technology, architectures, and applications.” The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 3
NESCO Objectives Mission: Establish a broad-based, public-private partnership to advance electric sector cybersecurity as the security voice of the electric industry Objectives:  Organize, lead & implement public-private partnership  Focus cybersecurity R&D priorities  Identify and disseminate security best practices  Organize the collection, analysis and dissemination of infrastructure vulnerabilities and threats  Work cooperatively w/ DOE & other Federal Agencies  Enhance cybersecurity of the bulk power grid and electric infrastructure 9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 4
NESCO Platform IOU Non-Reg Muni Regulatory Co-op State, Fed, IPP Local Utility Govt Academic Vendor EPRI Product Natl Labs Service TCIPG The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 5
Connect & Support Utility Asset Owners 9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 6
NESCO Distilled  NESCO Staff and Advisory Board  NESCOR partnerships  Outreach – Town Hall Meetings – Voice of the Industry (VOI) – Webinars  Tactical Analysis Center (TAC) – Community-sourced tactical cybersecurity – Daily Handlers Diary – Rapid Notification System – Subscriber Reports and Briefings  Resources – Best Practices – Organizations – Publications – Presentations The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 7
NESCO Advisory Board  Heavily weighted toward utility asset owners – IOUs, Munis, Co-ops, IPPs  Representation from Trade Organizations – EEI, APPA, NRECA, UTC  Representation from Federal agencies – DOE, DHS (invited), DOD (invited)  Representation from research and forums – EPRI, NATF, NAGF (invited)  Representation from sector Vendor community The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 8
Community Growth The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 9
Community Overview  NESCO Members of Sept 30 2011 (1 year) – 788 NESCO members – 278 unique organizations  NESCO Members as of Sept 7 2012: – 1083 individuals – 381 unique organizations Note: This represents a nearly 50% annual growth rate The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 10
Community Demographics 1,083 Individual members 381 unique organizations Predominately Asset Owner Driven Membership Base The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 11
NESCO Membership Stats  Individual Members  Organizational – Academic: 25 Members – Asset Owner: 666 – Academic: 18 – Govt/Regulatory: 122 – Asset Owner: 180 – Vendor/Other: 270 – Govt/Regulatory: 43 – Total : 1083 – Vendor/Other: 140 – Total : 381 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 12
NESCO Social Media Stats  NESCO mailing list: 4040  NESCO Twitter followers: 5579  NESCO LinkedIn group members: 547 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 13
NESCO Outreach Stats  3 Town Hall meetings  19 Voice of the Industry (VOI) meetings  101 TAC notices – 171 follow up threads  79 presentations/panels  97 event participation  41 blog mentions  46 interviews and article citations The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 14
NESCO Town Hall Meetings  Town Hall format – Single cybersecurity topic of interest to the electric sector – Openly discuss problems and solutions with all relevant parties  Refining Town Hall program – Half day events – Higher frequency (4-6), regional venues  Next Town Hall is… – Topic: Cybersecurity Legislation – Building a Bridge Between the Possible & the Practical – Keynote from Hon. Pat Hoffman, Asst Sec of Energy, US DOE – Between EnergySec Summit and CISO Forum – September 27, 2012 in Portland, OR – http://bit.ly/NESCOTownHallPDX2012 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 15
NESCO Voice of the Industry  Attached to existing cybersecurity events  High frequency, geographic distribution  Open participation  Unscripted, no agenda  NESCO staff is there to listen  Aggregate and anonymize discussion topics  Use the data to advocate for industry causes and to inform interested parties  VOI calendar can be found at www.us- nesco.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 16
NESCO Webinars  Topics of interest to electric sector cybersecurity professionals  May partner with solution providers  1-2 per month  Calendar can be found at www.us- nesco.org  Let us know if you have suggestions! The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 17
NESCO Tactical Analysis Center  Supports ES-ISAC and ICS-CERT  Open & private source intelligence  Asset owner volunteer handler SMEs with virtual analysis tools  Rapid, community-sourced analysis  Secure communications  Rapid Notification System  Daily diaries, briefings  Quarterly & annual reports 9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 18
ES-ISAC, ICS-CERT and TAC  An analogy… first responder, emergency and long term care  Basic TAC differentiators – Operated by an independent non-profit org – Not associated with a federal regulatory agency • DOE partner is non-regulatory • Funding expires in 2014, only “seed” money provided • Funding model involves cost-share, so industry bears cost throughout entire effort – Electric sector specific – Provides feeds to NERC & DHS if authorized by utility The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 19
ES-ISAC, ICS-CERT and TAC  Additional TAC differentiators – Covers all electric utilities; smart grid, distribution, QF – NESCO staff work alongside industry handlers – RNS has direct access to security staff – Volunteer reporting structure, not mandatory – Private position offers unique vendor relationships – Anonymized pass through for bi-directional sharing – Learn more at http://grids.ec/TACWebinar The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 20
NESCO Community Technology  Confluence collaboration suite – wiki, social media, blog, distribution lists, document management, etc…  Strong focus on building electric industry communities – Can be public or private/restricted  Can provide “instant” forums, distribution lists, etc for electric industry cybersecurity groups The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 21
NEW! NESCO Website http://www.us-nesco.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 22
NESCO Roadmap  Membership program  Additional TAC services – Patch management notification – Higher service levels  Best practices repository The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 23
NESCO Summary  Building trust through relationships to foster collaboration in electric sector  Flexible technology facilitates rapid tactical analysis and catalyzes best practices for future strategic efforts  Supports and promotes existing successful cybersecurity programs  Security voice of the electric sector 9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 24
NESCO Needs You  Volunteer programs – Tactical Analysis Center – Best Practices Repository – Community-driven efforts (Working Groups, task force, whitepapers, etc)  Financial support – NESCO must be sustained by industry – TAC subscriptions – Organizational or individual membership – Donations/sponsorships The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 25
Questions? Patrick C Miller Principal Investigator, National Electric Sector Cybersecurity Organization President & CEO, EnergySec patrick.miller@energysec.org 503.446.1212 (desk) Powered by @patrickcmiller (twitter) www.energysec.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 26

Recomendados

EnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec
 
Bridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITBridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITEnergySec
 
Gender and Energy
Gender and EnergyGender and Energy
Gender and Energyreeep
 
Silicon Energy Washington State Introduction Packet
Silicon Energy Washington State Introduction PacketSilicon Energy Washington State Introduction Packet
Silicon Energy Washington State Introduction PacketSilicon Energy
 
SERA Email 1.21.03
SERA Email 1.21.03SERA Email 1.21.03
SERA Email 1.21.03Obama White House
 
Project 2011 April
Project 2011 AprilProject 2011 April
Project 2011 AprilCGC CGC
 
Empowering Energy Efficiency in Federal Data Centers
Empowering Energy Efficiency in Federal Data CentersEmpowering Energy Efficiency in Federal Data Centers
Empowering Energy Efficiency in Federal Data Centers1E: Software Lifecycle Automation
 
North American Generator Forum Update
North American Generator Forum UpdateNorth American Generator Forum Update
North American Generator Forum UpdateEnergySec
 

Recomendados

EnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec
 
Bridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITBridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITEnergySec
 
Gender and Energy
Gender and EnergyGender and Energy
Gender and Energyreeep
 
Silicon Energy Washington State Introduction Packet
Silicon Energy Washington State Introduction PacketSilicon Energy Washington State Introduction Packet
Silicon Energy Washington State Introduction PacketSilicon Energy
 
SERA Email 1.21.03
SERA Email 1.21.03SERA Email 1.21.03
SERA Email 1.21.03Obama White House
 
Project 2011 April
Project 2011 AprilProject 2011 April
Project 2011 AprilCGC CGC
 
Empowering Energy Efficiency in Federal Data Centers
Empowering Energy Efficiency in Federal Data CentersEmpowering Energy Efficiency in Federal Data Centers
Empowering Energy Efficiency in Federal Data Centers1E: Software Lifecycle Automation
 
North American Generator Forum Update
North American Generator Forum UpdateNorth American Generator Forum Update
North American Generator Forum UpdateEnergySec
 
Next Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorNext Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorEnergySec
 
Next Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorNext Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorEnergySec
 
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...TheAnfieldGroup
 
NESCO: A Closer Look
NESCO: A Closer LookNESCO: A Closer Look
NESCO: A Closer LookEnergySec
 
TAC Subscription Webinar
TAC Subscription WebinarTAC Subscription Webinar
TAC Subscription WebinarEnergySec
 
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...EnergySec
 
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...EnergySec
 
Interoperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveInteroperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveEnergySec
 
EnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec
 
The Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsThe Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsEnergySec
 
EISS Cybersecurity Briefing
EISS Cybersecurity BriefingEISS Cybersecurity Briefing
EISS Cybersecurity BriefingEnergySec
 
NESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingNESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingEnergySec
 
Emerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEmerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEnergySec
 
NESCO/NESCOR Joint Overview
NESCO/NESCOR Joint OverviewNESCO/NESCOR Joint Overview
NESCO/NESCOR Joint OverviewEnergySec
 
Don't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot CampDon't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot CampEnergySec
 
Using the power of data by David Wollman
Using the power of data by David WollmanUsing the power of data by David Wollman
Using the power of data by David WollmanMaRS Discovery District
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground UpEnergySec
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground UpEnergySec
 
10. maarten noeninckx isgan - international smart grid action network
10. maarten noeninckx isgan - international smart grid action network10. maarten noeninckx isgan - international smart grid action network
10. maarten noeninckx isgan - international smart grid action networkImplementing_Agreements
 
White House Smart Grid Strategy for 21st Century
White House Smart Grid Strategy for 21st CenturyWhite House Smart Grid Strategy for 21st Century
White House Smart Grid Strategy for 21st CenturyUCSD-Strategic-Energy
 
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseEnergySec
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsEnergySec
 

Más contenido relacionado

Similar a NESCO Year 2 Overview

Next Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorNext Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorEnergySec
 
Next Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorNext Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorEnergySec
 
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...TheAnfieldGroup
 
NESCO: A Closer Look
NESCO: A Closer LookNESCO: A Closer Look
NESCO: A Closer LookEnergySec
 
TAC Subscription Webinar
TAC Subscription WebinarTAC Subscription Webinar
TAC Subscription WebinarEnergySec
 
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...EnergySec
 
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...EnergySec
 
Interoperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveInteroperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveEnergySec
 
EnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec
 
The Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsThe Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsEnergySec
 
EISS Cybersecurity Briefing
EISS Cybersecurity BriefingEISS Cybersecurity Briefing
EISS Cybersecurity BriefingEnergySec
 
NESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingNESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingEnergySec
 
Emerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEmerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEnergySec
 
NESCO/NESCOR Joint Overview
NESCO/NESCOR Joint OverviewNESCO/NESCOR Joint Overview
NESCO/NESCOR Joint OverviewEnergySec
 
Don't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot CampDon't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot CampEnergySec
 
Using the power of data by David Wollman
Using the power of data by David WollmanUsing the power of data by David Wollman
Using the power of data by David WollmanMaRS Discovery District
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground UpEnergySec
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground UpEnergySec
 
10. maarten noeninckx isgan - international smart grid action network
10. maarten noeninckx isgan - international smart grid action network10. maarten noeninckx isgan - international smart grid action network
10. maarten noeninckx isgan - international smart grid action networkImplementing_Agreements
 
White House Smart Grid Strategy for 21st Century
White House Smart Grid Strategy for 21st CenturyWhite House Smart Grid Strategy for 21st Century
White House Smart Grid Strategy for 21st CenturyUCSD-Strategic-Energy
 

Similar a NESCO Year 2 Overview (20)

Next Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorNext Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric Sector
 
Next Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorNext Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric Sector
 
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...
 
NESCO: A Closer Look
NESCO: A Closer LookNESCO: A Closer Look
NESCO: A Closer Look
 
TAC Subscription Webinar
TAC Subscription WebinarTAC Subscription Webinar
TAC Subscription Webinar
 
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
 
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...
 
Interoperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveInteroperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business Perspective
 
EnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec and the NESCO overview
EnergySec and the NESCO overview
 
The Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsThe Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity Requirements
 
EISS Cybersecurity Briefing
EISS Cybersecurity BriefingEISS Cybersecurity Briefing
EISS Cybersecurity Briefing
 
NESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingNESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD Meeting
 
Emerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEmerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD Meeting
 
NESCO/NESCOR Joint Overview
NESCO/NESCOR Joint OverviewNESCO/NESCOR Joint Overview
NESCO/NESCOR Joint Overview
 
Don't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot CampDon't Get Hacked! Cybersecurity Boot Camp
Don't Get Hacked! Cybersecurity Boot Camp
 
Using the power of data by David Wollman
Using the power of data by David WollmanUsing the power of data by David Wollman
Using the power of data by David Wollman
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground Up
 
Security From the Ground Up
Security From the Ground UpSecurity From the Ground Up
Security From the Ground Up
 
10. maarten noeninckx isgan - international smart grid action network
10. maarten noeninckx isgan - international smart grid action network10. maarten noeninckx isgan - international smart grid action network
10. maarten noeninckx isgan - international smart grid action network
 
White House Smart Grid Strategy for 21st Century
White House Smart Grid Strategy for 21st CenturyWhite House Smart Grid Strategy for 21st Century
White House Smart Grid Strategy for 21st Century
 

Más de EnergySec

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseEnergySec
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsEnergySec
 
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...EnergySec
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyEnergySec
 
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...EnergySec
 
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityDaniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityEnergySec
 
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementLessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementEnergySec
 
Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsEnergySec
 
Wireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachWireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachEnergySec
 
Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!EnergySec
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network ArchitecturesEnergySec
 
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleNERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleEnergySec
 
Industrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsIndustrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsEnergySec
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...EnergySec
 
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...EnergySec
 
Where Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueWhere Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueEnergySec
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?EnergySec
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...EnergySec
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherEnergySec
 
What the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherWhat the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherEnergySec
 

Más de EnergySec (20)

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber DefenseGary Leatherman - A Holistic Approach for Reimagining Cyber Defense
Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
 
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
 
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...
 
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityDaniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
 
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementLessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
 
Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWs
 
Wireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachWireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of Reach
 
Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network Architectures
 
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleNERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
 
Industrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsIndustrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With Scissors
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
 
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
 
Where Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueWhere Cyber Security Meets Operational Value
Where Cyber Security Meets Operational Value
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working Together
 
What the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherWhat the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each Other
 

Último

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 

Último (20)

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 

NESCO Year 2 Overview

  • 1. NESCO Update: Year Two Webinar National Electric Sector Cybersecurity Organization September 7 2012
  • 2. Webinar Logistics  All participants are muted  Ask questions via GoToMeeting Q&A panel  Use Twitter hashtag #NESCO  Webinar is being recorded  Presentation and recorded webinar will be available at www.us-nesco.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 2
  • 3. NESCO Legislative Origin  R. 3183 “...the Secretary shall establish an independent national energy sector cyber security organization...” – Department Of Energy issued FOA on March 31, 2010  Purpose is to “establish a National Electric Sector Cyber Security Organization that has the knowledge, capabilities, and experience to protect the electric grid and enhance integration of smart grid technologies that are adequately protected against cyber attacks.”  “This organization will serve as a focal point to bring together domestic and international experts, developers, and users who will assess and test the security of novel technology, architectures, and applications.” The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 3
  • 4. NESCO Objectives Mission: Establish a broad-based, public-private partnership to advance electric sector cybersecurity as the security voice of the electric industry Objectives:  Organize, lead & implement public-private partnership  Focus cybersecurity R&D priorities  Identify and disseminate security best practices  Organize the collection, analysis and dissemination of infrastructure vulnerabilities and threats  Work cooperatively w/ DOE & other Federal Agencies  Enhance cybersecurity of the bulk power grid and electric infrastructure 9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 4
  • 5. NESCO Platform IOU Non-Reg Muni Regulatory Co-op State, Fed, IPP Local Utility Govt Academic Vendor EPRI Product Natl Labs Service TCIPG The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 5
  • 6. Connect & Support Utility Asset Owners 9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 6
  • 7. NESCO Distilled  NESCO Staff and Advisory Board  NESCOR partnerships  Outreach – Town Hall Meetings – Voice of the Industry (VOI) – Webinars  Tactical Analysis Center (TAC) – Community-sourced tactical cybersecurity – Daily Handlers Diary – Rapid Notification System – Subscriber Reports and Briefings  Resources – Best Practices – Organizations – Publications – Presentations The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 7
  • 8. NESCO Advisory Board  Heavily weighted toward utility asset owners – IOUs, Munis, Co-ops, IPPs  Representation from Trade Organizations – EEI, APPA, NRECA, UTC  Representation from Federal agencies – DOE, DHS (invited), DOD (invited)  Representation from research and forums – EPRI, NATF, NAGF (invited)  Representation from sector Vendor community The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 8
  • 9. Community Growth The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 9
  • 10. Community Overview  NESCO Members of Sept 30 2011 (1 year) – 788 NESCO members – 278 unique organizations  NESCO Members as of Sept 7 2012: – 1083 individuals – 381 unique organizations Note: This represents a nearly 50% annual growth rate The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 10
  • 11. Community Demographics 1,083 Individual members 381 unique organizations Predominately Asset Owner Driven Membership Base The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 11
  • 12. NESCO Membership Stats  Individual Members  Organizational – Academic: 25 Members – Asset Owner: 666 – Academic: 18 – Govt/Regulatory: 122 – Asset Owner: 180 – Vendor/Other: 270 – Govt/Regulatory: 43 – Total : 1083 – Vendor/Other: 140 – Total : 381 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 12
  • 13. NESCO Social Media Stats  NESCO mailing list: 4040  NESCO Twitter followers: 5579  NESCO LinkedIn group members: 547 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 13
  • 14. NESCO Outreach Stats  3 Town Hall meetings  19 Voice of the Industry (VOI) meetings  101 TAC notices – 171 follow up threads  79 presentations/panels  97 event participation  41 blog mentions  46 interviews and article citations The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 14
  • 15. NESCO Town Hall Meetings  Town Hall format – Single cybersecurity topic of interest to the electric sector – Openly discuss problems and solutions with all relevant parties  Refining Town Hall program – Half day events – Higher frequency (4-6), regional venues  Next Town Hall is… – Topic: Cybersecurity Legislation – Building a Bridge Between the Possible & the Practical – Keynote from Hon. Pat Hoffman, Asst Sec of Energy, US DOE – Between EnergySec Summit and CISO Forum – September 27, 2012 in Portland, OR – http://bit.ly/NESCOTownHallPDX2012 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 15
  • 16. NESCO Voice of the Industry  Attached to existing cybersecurity events  High frequency, geographic distribution  Open participation  Unscripted, no agenda  NESCO staff is there to listen  Aggregate and anonymize discussion topics  Use the data to advocate for industry causes and to inform interested parties  VOI calendar can be found at www.us- nesco.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 16
  • 17. NESCO Webinars  Topics of interest to electric sector cybersecurity professionals  May partner with solution providers  1-2 per month  Calendar can be found at www.us- nesco.org  Let us know if you have suggestions! The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 17
  • 18. NESCO Tactical Analysis Center  Supports ES-ISAC and ICS-CERT  Open & private source intelligence  Asset owner volunteer handler SMEs with virtual analysis tools  Rapid, community-sourced analysis  Secure communications  Rapid Notification System  Daily diaries, briefings  Quarterly & annual reports 9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 18
  • 19. ES-ISAC, ICS-CERT and TAC  An analogy… first responder, emergency and long term care  Basic TAC differentiators – Operated by an independent non-profit org – Not associated with a federal regulatory agency • DOE partner is non-regulatory • Funding expires in 2014, only “seed” money provided • Funding model involves cost-share, so industry bears cost throughout entire effort – Electric sector specific – Provides feeds to NERC & DHS if authorized by utility The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 19
  • 20. ES-ISAC, ICS-CERT and TAC  Additional TAC differentiators – Covers all electric utilities; smart grid, distribution, QF – NESCO staff work alongside industry handlers – RNS has direct access to security staff – Volunteer reporting structure, not mandatory – Private position offers unique vendor relationships – Anonymized pass through for bi-directional sharing – Learn more at http://grids.ec/TACWebinar The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 20
  • 21. NESCO Community Technology  Confluence collaboration suite – wiki, social media, blog, distribution lists, document management, etc…  Strong focus on building electric industry communities – Can be public or private/restricted  Can provide “instant” forums, distribution lists, etc for electric industry cybersecurity groups The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 21
  • 22. NEW! NESCO Website http://www.us-nesco.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 22
  • 23. NESCO Roadmap  Membership program  Additional TAC services – Patch management notification – Higher service levels  Best practices repository The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 23
  • 24. NESCO Summary  Building trust through relationships to foster collaboration in electric sector  Flexible technology facilitates rapid tactical analysis and catalyzes best practices for future strategic efforts  Supports and promotes existing successful cybersecurity programs  Security voice of the electric sector 9/7/2012 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy 24
  • 25. NESCO Needs You  Volunteer programs – Tactical Analysis Center – Best Practices Repository – Community-driven efforts (Working Groups, task force, whitepapers, etc)  Financial support – NESCO must be sustained by industry – TAC subscriptions – Organizational or individual membership – Donations/sponsorships The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 25
  • 26. Questions? Patrick C Miller Principal Investigator, National Electric Sector Cybersecurity Organization President & CEO, EnergySec patrick.miller@energysec.org 503.446.1212 (desk) Powered by @patrickcmiller (twitter) www.energysec.org The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 9/7/2012 with funding assistance from the U.S. Department of Energy 26