Our mission is to provide resources that assist
organizations in securing their critical infrastructure.
(M) Denotes Member Benefit
The EnergySec CIPtionary is a comprehensive reference for words and phrases used in the CIP standards and related documents and discussions. This is a useful resource to further understanding of the CIP standards and specific requirements where terminology is ambiguous.
EnergySec staff provide discussion forums available to all members on topics of interest and concern to critical infrastructure security.
The number of security products and services on the market has exploded in recent years and continues to grow. EnergySec’s Solution Center (VRC) is designed to provide a comprehensive listing of available solutions for specific problems within our industry. Our goal is to make this a perfect starting point in the evaluation of potential security product and service purchases. In addition to vendor listings by category and topics area, the SC will have areas for comments by member utilities and will contain results of industry surveys to determine the extent to which various products are used within industry.
Annual Security and Compliance Summit
For 13 years the EnergySec Security Summit has been the premier gathering for stakeholders in the energy sector focused on physical and cyber security. Our summits give each attendee a rare opportunity to mingle with asset owners, government agencies, researchers, consultants, vendors and academia under one roof. We are one of the oldest and most mature security events in the industry, bringing the most relevant and timely security topics to the forefront of discussion
In 2017, EnergySec launched its Security Education Week designed for early to mid career professionals within the energy industry seeking to advance their security skills and operational knowledge of critical systems within the sector. These events feature instructors with significant industry experience, hands-on security courses, and informational sessions on industry operations and security solutions.
Pacific Rim Critical Infrastructure Security Summit
Building on two successful events for Hawaiian locals, with a new, expanded format, our Hawaii Educational Sessions are now the Pacific Rim Critical Infrastructure Security Summit. Featuring experts on critical infrastructure security and attendees from the U.S., Asia, and Australia, join us at Waikiki Beach, Honolulu, HI, on February 21-22, 2018, for a cross-sector, cross-border, educational and networking opportunity.
Distribution Security Forum
New for 2018, a conference focused on security issues in power distribution systems. The Ukraine attacks and other recent developments have highlighted the need to improve security for electric distribution infrastructure that is not covered by the CIP standards. This 1.5 day event will focus on these issues. Join us in Washington, D.C., in early Spring 2018 to learn more and to network with peers facing similar threats.
(M) NERC CIP Guidance
In cooperation with industry and our extensive network of advisors, EnergySec staff develops and publishes detailed guidance on topics in the latest CIP version. Published versions of all guidance are available as a member benefit in the EnergySec Community.
In accordance with NERC’s Compliance Guidance Policy, EnergySec is seeking status as an organization prequalified to submit Application Guidance for potential “endorsement” by the ERO. Once approved, we will be able to work with our members and the broader community to develop and submit implementation approaches for CIP standards requirements.
(M) NERC CIP RFI Assistance
EnergySec can assist with, coordinate, and/or submit formal Requests for Interpretation (RFI) of the NERC CIP standards. EnergySec staff is well-positioned to assist member entities with the evaluation of potential RFI situations, drafting of the request where needed, and interacting with NERC and Interpretation Drafting Team (IDT) throughout the process.
Comments on Regulatory Actions
EnergySec staff review NERC draft standards and FERC NOPRs, providing comments that members can use as a response to the identified security measure.
EnergySec staff organize webinars that are educational in nature relevant to topics of security and critical infrastructure.
EnergySec organizes presenters to provide awareness of the latest technology products available in cybersecurity and ways these devices can be utilized to secure critical infrastructure.
EnergySec’s talented staff address the latest security and compliance standards with detailed insight into the effects on critical infrastructure.
(M) CIP Newsletter
A semi-monthly email newsletter containing updates and analysis on CIP-related events, guidance, and published violations.
(M) Executive Briefs
EnergySec’s Executive Briefs provide a 1-2 page abstract on key security topics of interest to an organization’s executives. Security professionals are able to present executives with a quick read on topics of security.
EnergySec’s team of experts, with years of relevant industry experience in cybersecurity and NERC CIP implementation and audits, review and and provide a written in-depth analysis of documents, white papers, and briefs that discuss the security of critical infrastructure.
(M) Weekly Update
A weekly email newsletter containing updates on cybersecurity threats and vulnerabilities, emerging practices, policy, legislation, and regulation.
(M) The Week Ahead Email
Sent at the beginning of each week, this includes security- and compliance-related events which are scheduled.
A monthly newsletter that details events within the EnergySec community in electronic and hard copy available to all parties interested in the work of EnergySec.
(M) Staff Access
EnergySec staff and leadership participate in numerous industry events. Our staff is available to our member organizations for questions and consultation.
Regional Entity Meetings
EnergySec staff attend meetings and conferences organized by regional entities to keep abreast of compliance-related activities throughout the country. The reporting of events is available to our members through our member publications and briefings.
EnergySec has staff dedicated to closely monitor new CIP drafting team efforts. The discussions, changes, and/or insights are made available to our members. Staff are available to members for clarification of results released by the drafting team.
EnergySec staff attend a variety of security conferences to keep informed of current issues and inform our membership.
EnergySec staff provide a monthly briefing to state utility commissioners and staff on security and compliance topics within the industry.
EnergySec’s online community is available to support collaboration in industry by providing industry-specific online forums. This platform is also used to distribute online resources for members and participants.
EnergySec operates a security analyst collaboration community on both the Anomali (ThreatStream) and the ThreatConnect platforms. This technology allows security analysts to engage in robust collaboration on threat intelligence and incident analysis in a secure manner.
EnergySec’s HipChat server is a private instant messaging service provided to community participants. This service provides immediate interaction with EnergySec staff and others in the industry. We regularly host chat sessions in conjunction with industry events, enabling real-time discussions and tracking of events by those unable to attend directly.
(M) Members are able to establish private chat rooms under their control for discussions with their peers across organizations.
EnergySec staff conducts customized, confidential surveys for individual or group organizations as requested. These surveys provide much-needed feedback for organizations while providing anonymity to respondents.