Patrick Miller, NESCO's Principal Investigator, presented the current state of the NESCO program. This presentation covered the various outreach efforts we have planned this year and into 2013; the goals of the NESCO program project management plan; the new NESCO website and the community-based wiki activities; and the NESCO organizational membership opportunity.
1. NESCO Update: Year Two Webinar
National Electric Sector Cybersecurity Organization
September 7 2012
2. Webinar Logistics
All participants are muted
Ask questions via GoToMeeting Q&A panel
Use Twitter hashtag #NESCO
Webinar is being recorded
Presentation and recorded webinar will be available at www.us-nesco.org
The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy. 9/7/2012
3. NESCO Legislative Origin
H.R. 3183 “...the Secretary shall establish an independent national energy sector cyber security organization...”
– Department of Energy issued FOA on March 31, 2010
Purpose is to “establish a National Electric Sector Cyber Security Organization that has the knowledge, capabilities, and experience to protect the electric grid and enhance integration of smart grid technologies that are adequately protected against cyber attacks.”
“This organization will serve as a focal point to bring together domestic and international experts, developers, and users who will assess and test the security of novel technology, architectures, and applications.”
4. NESCO Objectives
Mission: Establish a broad-based, public-private partnership to advance electric sector cybersecurity as the security voice of the electric industry
Objectives:
Organize, lead & implement public-private partnership
Focus cybersecurity R&D priorities
Identify and disseminate security best practices
Organize the collection, analysis and dissemination of infrastructure vulnerabilities and threats
Work cooperatively w/ DOE & other Federal Agencies
Enhance cybersecurity of the bulk power grid and electric infrastructure
The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy. 9/7/2012
5. NESCO Platform
Utility: IOU, Muni, Co-op, IPP
Govt: Non-Reg, Regulatory, State, Fed, Local
Academic: EPRI, Natl Labs, TCIPG
Vendor: Product, Service
6. Connect & Support
Utility Asset Owners
7. NESCO Distilled
NESCO Staff and Advisory Board
NESCOR partnerships
Outreach
– Town Hall Meetings
– Voice of the Industry (VOI)
– Webinars
Tactical Analysis Center (TAC)
– Community-sourced tactical cybersecurity
– Daily Handlers Diary
– Rapid Notification System
– Subscriber Reports and Briefings
Resources
– Best Practices
– Organizations
– Publications
– Presentations
8. NESCO Advisory Board
Heavily weighted toward utility asset owners
– IOUs, Munis, Co-ops, IPPs
Representation from Trade Organizations
– EEI, APPA, NRECA, UTC
Representation from Federal agencies
– DOE, DHS (invited), DOD (invited)
Representation from research and forums
– EPRI, NATF, NAGF (invited)
Representation from sector Vendor community
9. Community Growth
10. Community Overview
NESCO Members as of Sept 30 2011 (1 year):
– 788 NESCO members
– 278 unique organizations
NESCO Members as of Sept 7 2012:
– 1083 individuals
– 381 unique organizations
Note: This represents a nearly 50% annual growth rate
11. Community Demographics
1,083 individual members
381 unique organizations
Predominately Asset Owner Driven Membership Base
12. NESCO Membership Stats
Individual Members
– Academic: 25
– Asset Owner: 666
– Govt/Regulatory: 122
– Vendor/Other: 270
– Total: 1083
Organizational Members
– Academic: 18
– Asset Owner: 180
– Govt/Regulatory: 43
– Vendor/Other: 140
– Total: 381
13. NESCO Social Media Stats
NESCO mailing list: 4040
NESCO Twitter followers: 5579
NESCO LinkedIn group members: 547
14. NESCO Outreach Stats
3 Town Hall meetings
19 Voice of the Industry (VOI) meetings
101 TAC notices
– 171 follow up threads
79 presentations/panels
97 event participation
41 blog mentions
46 interviews and article citations
15. NESCO Town Hall Meetings
Town Hall format
– Single cybersecurity topic of interest to the electric sector
– Openly discuss problems and solutions with all relevant parties
Refining Town Hall program
– Half day events
– Higher frequency (4-6), regional venues
Next Town Hall is…
– Topic: Cybersecurity Legislation – Building a Bridge Between the Possible & the Practical
– Keynote from Hon. Pat Hoffman, Asst Sec of Energy, US DOE
– Between EnergySec Summit and CISO Forum
– September 27, 2012 in Portland, OR
– http://bit.ly/NESCOTownHallPDX2012
16. NESCO Voice of the Industry
Attached to existing cybersecurity events
High frequency, geographic distribution
Open participation
Unscripted, no agenda
NESCO staff is there to listen
Aggregate and anonymize discussion topics
Use the data to advocate for industry causes and to inform interested parties
VOI calendar can be found at www.us-nesco.org
17. NESCO Webinars
Topics of interest to electric sector cybersecurity professionals
May partner with solution providers
1-2 per month
Calendar can be found at www.us-nesco.org
Let us know if you have suggestions!
18. NESCO Tactical Analysis Center
Supports ES-ISAC and ICS-CERT
Open & private source intelligence
Asset owner volunteer handler
SMEs with virtual analysis tools
Rapid, community-sourced analysis
Secure communications
Rapid Notification System
Daily diaries, briefings
Quarterly & annual reports
19. ES-ISAC, ICS-CERT and TAC
An analogy… first responder, emergency and long term care
Basic TAC differentiators
– Operated by an independent non-profit org
– Not associated with a federal regulatory agency
• DOE partner is non-regulatory
• Funding expires in 2014, only “seed” money provided
• Funding model involves cost-share, so industry bears cost throughout entire effort
– Electric sector specific
– Provides feeds to NERC & DHS if authorized by utility
20. ES-ISAC, ICS-CERT and TAC
Additional TAC differentiators
– Covers all electric utilities; smart grid, distribution, QF
– NESCO staff work alongside industry handlers
– RNS has direct access to security staff
– Volunteer reporting structure, not mandatory
– Private position offers unique vendor relationships
– Anonymized pass through for bi-directional sharing
– Learn more at http://grids.ec/TACWebinar
21. NESCO Community Technology
Confluence collaboration suite
– wiki, social media, blog, distribution lists, document management, etc…
Strong focus on building electric industry communities
– Can be public or private/restricted
Can provide “instant” forums, distribution lists, etc. for electric industry cybersecurity groups
22. NEW! NESCO Website
http://www.us-nesco.org
23. NESCO Roadmap
Membership program
Additional TAC services
– Patch management notification
– Higher service levels
Best practices repository
24. NESCO Summary
Building trust through relationships to foster collaboration in electric sector
Flexible technology facilitates rapid tactical analysis and catalyzes best practices for future strategic efforts
Supports and promotes existing successful cybersecurity programs
Security voice of the electric sector
25. NESCO Needs You
Volunteer programs
– Tactical Analysis Center
– Best Practices Repository
– Community-driven efforts (Working Groups, task force, whitepapers, etc.)
Financial support
– NESCO must be sustained by industry
– TAC subscriptions
– Organizational or individual membership
– Donations/sponsorships
26. Questions?
Patrick C Miller
Principal Investigator, National Electric Sector Cybersecurity Organization
President & CEO, EnergySec
patrick.miller@energysec.org
503.446.1212 (desk)
Powered by @patrickcmiller (twitter)
www.energysec.org