NERC CIP Compliance Bootcamp – Knoxville, TN – June 19-20, 2013

In partnership with EnerNex:



EnergySec is pleased to offer a two-day NERC CIP Compliance Bootcamp in Knoxville, TN at the EnerNex headquarters. Be sure to join us for an evening demonostration at the EnerNex Smart Grid Lab – stay tuned for more details!!  SEATS ARE LIMITED TO THE FIRST 30 REGISTRATIONS


Logistics: EnerNex Headquarters. Located in the Offices at Water’s Edge, this three-building office campus sits on Mabry Hood Road, right off of Dutchtown Road from Pellissippi Parkway. For local hotels, things to do and places to eat, check out this document put together by EnerNex!

620 Mabry Hood Road, Suite 300 Knoxville, TN 37932 | Phone: 865-218-4600

Day 1 – NERC CIP Complaince Overview Description

This full day interactive course, taught by former NERC CIP auditors and NERC Certified System Reliability Operators, will address cyber security solutions and methods to help secure the power grid and meet the NERC CIP standard requirements. Their hands-on utility experience, along with a keen understanding of what is needed to demonstrate compliance, has been distilled into a one day course.

Cyber security is constantly evolving. Consequently, the regulatory landscape needs to keep up with these changing tides in order to assure that there is a consistent and adequate measure of security discipline being applied to the power grid. Discovering ways to efficiently and effectively apply good security practice and meet regulatory obligations at the same time is not easy. This training program is designed to arm the attendees with the tools and knowledge necessary to build a security program that will help your organization achieve that goal.

The instructors will cover NERC CIP version 4 and 5 providing insight into how they are likely to impact your organization.


08:00am – 08:15am – Introduction

08:15am – 09:00am – Unit 1: Terminology 101

09:00am – 09:30am – Unit 2: CIP-002 – What are we trying to protect

09:30am – 10:00am – Unit 3: CIP-003 – Policy & Governance

10:00am – 10:15am BREAK

10:15am – 10:45am – Unit 4: CIP-004 – Personnel Security

10:45am – 12:00pm – Unit 5: CIP-005 – Electronic Perimeters

12:00pm – 12:30am LUNCH

12:30pm – 01:30pm – Unit 6: CIP-006 – Physical Perimeters

01:30pm – 02:30pm – Unit 7: CIP-007 – System Security

02:30pm – 02:45pm BREAK

02:45pm – 03:15pm – Unit 7: CIP-007 – System Security (continued)

03:15pm – 03:45pm – Unit 8: CIP-008 – Incident Response

03:45pm – 04:15pm – Unit 9: CIP-009 – Disaster Recovery

04:15pm – 04:45pm – Unit 10: Tips for Compliance Audit Success

04:45pm – 05:00pm – Parking Lot, Q&A

Day 2 – CIP-005/CIP-007 Course Description

This one day course focuses on CIP-005 and CIP-007, the two most technically oriented of the CIP standards. The requirements of these standards will be covered in depth with detailed technical discussions of tools, techniques, and approaches to both improve security and maintain compliance. The course instructor, Steve Parker, has extensive experience in cybersecurity and is a former NERC CIP auditor with significant practical experience in the field.

This course is designed for utility IT, security, compliance, and operations staff and other industry professionals seeking a detailed understanding of these two standards.

In addition to covering versions 3 and 4 of the CIP standards, this course will discuss changes in the proposed version 5 and offer approaches to future-proof compliance and security activities.



08:00 am – 08:15 am – Introduction

08:15 am – 09:00 am – Unit 1: The ESP – Design and Documentation

09:00 am – 09:30 am – Unit 2: Access Point Controls

09:30 am – 10:00 am – Unit 3: Access Control and Monitoring Devices

10:00 am – 10:15 am – BREAK

10:15 am – 10:45 am – Unit 4: Perimeter Monitoring

10:45 am – 11:15 pm – Unit 5: Cyber Vulnerability Assessments

11:15 pm – 12:00 pm – Unit 6: Remote Access

12:00 pm – 12:30 pm – LUNCH

12:30 pm – 01:30 pm – Unit 7: Security Testing

01:30 pm – 02:00 pm – Unit 8: Ports and Services

02:00 pm – 02:30 pm – Unit 9: Patch Management

02:30 pm – 02:45 pm – BREAK

02:45 pm – 03:15 pm – Unit 10: Malware Defenses

03:15 pm – 04:00 pm – Unit 11: Access Management

04:00 pm – 04:30 pm – Unit 12: Security Event Monitoring

04:30 pm – 05:00 pm – Q&A and Wrap-up

Instructor Biographies

Steve ParkerSteven  Parker – CISSP, CISA | EnergySec

Steven Parker, CISA, CISSP, is the EnergySec Vice President of Technology Research and Projects.with the Energy Sector Security Consortium (EnergySec).  He was part of the grassroots effort that led to the formation of EnergySec, and has served on its board of directors since 2008.

Steven’s experience includes more than a decade of full-time security work at critical infrastructure organizations including the Western Electricity Coordinating Council, PacifiCorp, and US Bank.  He has contributed to a broad range of security projects covering areas such as e-commerce, identity management, intrusion detection, forensics, and security event monitoring.


Lisa CarringtonLisa Carrington – NERC Certified System Reliability Operator | EnergySec

Lisa has been working in the energy sector for over 10 years. Most recently she managed NERC reliability compliance, NERC CIP compliance and NERC certified system operator training for Chelan PUD, a public electric utility, in central Washington State.

She is a NERC certified system reliability operator and was integral in the formation and development of the Western Interconnection Compliance Forum (WICF), an all-volunteer information sharing organization focusing on NERC reliability compliance; which is now the largest forum of its kind in the country.




Any cancellations received more than one month before the start of the session will be refunded 50% of the tuition of the course registered.  Any cancellations that are received less than one month before the start of the session, will not be eligible for a refund.   The cancellation must be sent in writing to or to EnergySec, 8440 SE Sunnybrook Blvd Suite 206, Clackamas OR 97015.


One postponement without a penalty fee is permitted. Any further request for postponement will receive a refund of 50% of the course tuition and new registration will be mandatory at a session date in the same calendar year.

Tags: , , , , ,


  1. Friday News & Notes - March 29, 2013

    […] NERC CIP Compliance Bootcamp, June 19-20 in Knoxville, […]

Leave a Reply