Utilities and NERC Compliance

The Bit9 Security Platform enables utilities to effectively monitor security configurations, lock down critical systems and improve NERC audit readiness.

The Challenge

In an effort to preserve the safe delivery of electricity, the North American Electric Reliability Corporation (NERC) has established standards, guidelines and best practices to address cyber security and the protection of critical infrastructure.

The goal of these Critical Infrastructure Protection (CIP) standards is to help owners and operators prevent cyber attacks on their critical infrastructure, including supervisory control and data acquisition (SCADA) systems.

Threats are becoming increasingly real as SCADA systems and networks run commercially available software and have IP connectivity. This has increased vulnerability in industrial enterprises ranging from mining facilities and utility installations to oil refineries and gas production plants.

SCADA system operators must ensure the integrity of the systems that monitor critical infrastructure. Should these monitoring systems become compromised by malicious or inadvertent software changes, the service being provided is at risk.

The Bit9 Security Platform can help ensure the integrity of SCADA monitoring systems by:

  • Preventing unauthorized software: All new software is validated and checked against an authorized list.
  • Blocking unauthorized portable storage devices: Unauthorized USB drives, CDs, hard drives and other devices can be blocked by device type or even specific serial number.
  • Auditing all software changes: Record all changes to applications to provide an audit trail and accountability.

Helping Achieve Compliance

By eliminating vulnerable and malicious applications and delivering configuration, change and process controls, Bit9 helps utilities achieve compliance:

  • Proactive monitoring and control of configurations
  • Identification of cyber assets
  • Prevent all malware, targeted attacks and unauthorized applications
  • Discover and monitor all software changes
  • Control the use of removable storage devices

NERC CIP (Critical Infrastructure Protection) Compliance

The North American Electric Reliability Council (NERC) was formed in 1968 by the electric utility industry to promote the reliability and adequacy of bulk power supply in the electric utility systems of North America. The NERC CIP consists of eight regional reliability councils and encompasses essentially all the power systems of the contiguous United States, Canada and part of Mexico.

The eight NERC CIP reliability standards consist of 160 requirements, and together they are the most taxing regulation that electric and power companies must address. As of July 1, 2010, utility companies must be able to provide auditable compliance. Failure to provide auditable evidence of compliance will mean the risk of up to $1 million per day, per CIP violation.

Bit9's trust-based security platform simultaneously helps address NERC CIP-007, R3 (security patching); CIP-007, R4 (anti-malware); and NERC CIP-003, R6 (change control and configuration management) as well as other requirements. In addition, by being able to characterize and classify cyber security incidents and maintain the log files even after an attacked device has been removed from the environment, the Bit9 Security Platform can also address CIP-008 R1.1 and R2.

The Bit9 Security Platform helps ensure the integrity of SCADA monitoring systems by:

  • Preventing unauthorized software: All new software is validated and checked against a list of authorized changes
  • Blocking unauthorized portable storage devices: Unauthorized thumb drives, CDs, hard drives and other devices can be blocked by device type or even specific serial number
  • Auditing all software changes: Record all changes to applications to provide an audit trail and accountability