Our mission is to provide resources that assist
organizations in securing their critical infrastructure.
(M) Denotes Member Benefit
The EnergySec CIPtionary is a comprehensive reference for words and phrases used in the CIP standards and related documents and discussions. This is a useful resource to further understanding of the CIP standards and specific requirements where terminology is ambiguous.
EnergySec staff provide discussion forums available to all members on topics of interest and concern to critical infrastructure security.
Annual Security and Compliance Summit
For 15 years the EnergySec Security Summit has been the premier gathering for stakeholders in the energy sector focused on physical and cyber security. Our summits give each attendee a rare opportunity to mingle with asset owners, government agencies, researchers, consultants, vendors and academia under one roof. We are one of the oldest and most mature security events in the industry, bringing the most relevant and timely security topics to the forefront of discussion
EnergySec developed Security Education Week for early to mid career professionals within the energy industry seeking to advance their security skills and operational knowledge of critical systems within the sector. These events feature instructors with significant industry experience, hands-on security courses, and informational sessions on industry operations and security solutions.
Pacific Rim Critical Infrastructure Security Summit
Building on two successful events for Hawaiian locals, with a new, expanded format, our Hawaii Educational Sessions are now the Pacific Rim Critical Infrastructure Security Summit. Featuring experts on critical infrastructure security and attendees from the U.S., Asia, and Australia, join us at Waikiki Beach, Honolulu, HI, on February 2020, for a cross-sector, cross-border, educational and networking opportunity.
Distribution Security Forum (DSF)
DSF is a conference focused on security issues in power distribution systems. The Ukraine attacks and other recent developments have highlighted the need to improve security for electric distribution infrastructure that is not covered by the CIP standards. This 2 day event will focus on these issues. Join us in Washington, D.C., on April 11-12, 2019 to learn more and to network with peers facing similar threats.
(M) NERC CIP Guidance
In cooperation with industry and our extensive network of advisors, EnergySec staff develops and publishes detailed guidance on topics in the latest CIP version. Published versions of all guidance are available as a member benefit in the EnergySec Community.
In accordance with NERC’s Compliance Guidance Policy, EnergySec is seeking status as an organization prequalified to submit Application Guidance for potential “endorsement” by the ERO. Once approved, we will be able to work with our members and the broader community to develop and submit implementation approaches for CIP standards requirements.
(M) NERC CIP RFI Assistance
EnergySec can assist with, coordinate, and/or submit formal Requests for Interpretation (RFI) of the NERC CIP standards. EnergySec staff is well-positioned to assist member entities with the evaluation of potential RFI situations, drafting of the request where needed, and interacting with NERC and Interpretation Drafting Team (IDT) throughout the process.
Comments on Regulatory Actions
EnergySec staff review NERC draft standards and FERC NOPRs, providing comments that members can use as a response to the identified security measure.
At their first quarter meeting on March 21, 2018, the NERC Compliance and Certification Committee voted to approve EnergySec as a Pre-Qualified Organization. As a Pre-Qualified Organization, EnergySec is authorized to submit Compliance Implementation Guidance for ERO endorsement. This positions us to assist our membership in developing and documenting compliance approaches suitable for “endorsement” by the ERO, reducing uncertainty for complex CIP compliance topics.
EnergySec staff organize webinars that are educational in nature relevant to topics of security and critical infrastructure.
EnergySec organizes presenters to provide awareness of the latest technology products available in cybersecurity and ways these devices can be utilized to secure critical infrastructure.
EnergySec’s talented staff address the latest security and compliance standards with detailed insight into the effects on critical infrastructure.
(M) CIP Newsletter
A semi-monthly email newsletter containing updates and analysis on CIP-related events, guidance, and published violations.
(M) Executive Briefs
EnergySec’s Executive Briefs provide a 1-2 page abstract on key security topics of interest to an organization’s executives. Security professionals are able to present executives with a quick read on topics of security.
EnergySec’s team of experts, with years of relevant industry experience in cybersecurity and NERC CIP implementation and audits, review and and provide a written in-depth analysis of documents, white papers, and briefs that discuss the security of critical infrastructure.
(M) Weekly Update
A weekly email newsletter containing updates on cybersecurity threats and vulnerabilities, emerging practices, policy, legislation, and regulation.
(M) The Week Ahead Email
Sent at the beginning of each week, this includes security- and compliance-related events which are scheduled.
A monthly newsletter that details events within the EnergySec community in electronic and hard copy available to all parties interested in the work of EnergySec.
(M) Staff Access
EnergySec staff and leadership participate in numerous industry events. Our staff is available to our member organizations for questions and consultation.
Regional Entity Meetings
EnergySec staff attend meetings and conferences organized by regional entities to keep abreast of compliance-related activities throughout the country. The reporting of events is available to our members through our member publications and briefings.
EnergySec has staff dedicated to closely monitor new CIP drafting team efforts. The discussions, changes, and/or insights are made available to our members. Staff are available to members for clarification of results released by the drafting team.
EnergySec staff attend a variety of security conferences to keep informed of current issues and inform our membership.
EnergySec staff provide a monthly briefing to state utility commissioners and staff on security and compliance topics within the industry.
EnergySec’s online community is available to support collaboration in industry by providing industry-specific online forums. This platform is also used to distribute online resources for members and participants.
EnergySec operates a security analyst collaboration community on the Anomali (ThreatStream) platform. This technology allows security analysts to engage in robust collaboration on threat intelligence and incident analysis in a secure manner.
EnergySec’s Slack is a private instant messaging service provided to community participants. This service provides immediate interaction with EnergySec staff and others in the industry. We regularly host chat sessions in conjunction with industry events, enabling real-time discussions and tracking of events by those unable to attend directly.
EnergySec staff conducts customized, confidential surveys for individual or group organizations as requested. These surveys provide much-needed feedback for organizations while providing anonymity to respondents.