We support and empower each other by sharing knowledge and leveraging skills and resources across boundaries.
The EnergySec CIPtionary is a comprehensive reference for words and phrases used in the CIP standards and related documents and discussions. This is a useful resource to further understanding of the CIP standards and specific requirements where terminology is ambiguous.
EnergySec staff provide discussion forums available to all members on topics of interest and concern to critical infrastructure security.
The number of security products and services on the market has exploded in recent years and continues to grow. EnergySec’s Solution Center (VRC) is designed to provide a comprehensive listing of available solutions for specific problems within our industry. Our goal is to make this a perfect starting point in the evaluation of potential security product and service purchases. In addition to vendor listings by category and topic area, the SC will have areas for comments by member utilities and will contain results of industry surveys to determine the extent to which various products are used within industry.
For 13 years the EnergySec Security Summit has been the premier gathering for stakeholders in the energy sector focused on physical and cyber security. Our summits give each attendee a rare opportunity to mingle with asset owners, government agencies, researchers, consultants, vendors and academia under one roof. We are one of the oldest and most mature security events in the industry, bringing the most relevant and timely security topics to the forefront of discussion.
In 2017, EnergySec launched its Security Education Week designed for early to mid career professionals within the energy industry seeking to advance their security skills and operational knowledge of critical systems within the sector. These events feature instructors with significant industry experience, hands-on security courses, and informational sessions on industry operations and security solutions.
Building on two successful events for Hawaiian locals, with a new, expanded format, our Hawaii Educational Sessions are now the Pacific Rim Critical Infrastructure Security Summit. Featuring experts on critical infrastructure security and attendees from the U.S., Asia, and Australia, join us at Waikiki Beach, Honolulu, HI, on February 21-22, 2018, for a cross-sector, cross-border, educational and networking opportunity.
New for 2018, a conference focused on security issues in power distribution systems. The Ukraine attacks and other recent developments have highlighted the need to improve security for electric distribution infrastructure that is not covered by the CIP standards. This 1.5 day event will focus on these issues. Join us in Washington, D.C., in early Spring 2018 to learn more and to network with peers facing similar threats.
In cooperation with industry and our extensive network of advisors, EnergySec staff develops and publishes detailed guidance on topics in the latest CIP version. Published versions of all guidance are available as a member benefit in the EnergySec Community.
In accordance with NERC’s Compliance Guidance Policy, EnergySec is seeking status as an organization prequalified to submit Application Guidance for potential “endorsement” by the ERO. Once approved, we will be able to work with our members and the broader community to develop and submit implementation approaches for CIP standards requirements.
EnergySec can assist with, coordinate, and/or submit formal Requests for Interpretation (RFI) of the NERC CIP standards. EnergySec staff is well-positioned to assist member entities with the evaluation of potential RFI situations, drafting of the request where needed, and interacting with NERC and Interpretation Drafting Team (IDT) throughout the process.
EnergySec staff review NERC draft standards and FERC NOPRs, providing comments that members can use as a response to the identified security measure.
EnergySec staff organize webinars that are educational in nature relevant to topics of security and critical infrastructure.
EnergySec organizes presenters to provide awareness of the latest technology products available in cybersecurity and ways these devices can be utilized to secure critical infrastructure.
EnergySec’s talented staff address the latest security and compliance standards with detailed insight into the effects on critical infrastructure.
EnergySec’s team of experts, with years of relevant industry experience in cybersecurity and NERC CIP implementation and audits, review and provide a written in-depth analysis of documents, white papers, and briefs that discuss the security of critical infrastructure.
A semi-monthly email newsletter containing updates and analysis on CIP-related events, guidance, and published violations.
EnergySec’s Executive Briefs provide a 1-2 page abstract on key security topics of interest to an organization’s executives. Security professionals are able to present executives with a quick read on topics of security.
A weekly email newsletter containing updates on cybersecurity threats and vulnerabilities, emerging practices, policy, legislation, and regulation.
Sent at the beginning of each week, this includes security- and compliance-related events which are scheduled.
A monthly newsletter that details events within the EnergySec community in electronic and hard copy available to all parties interested in the work of EnergySec.
EnergySec staff and leadership participate in numerous industry events. Our staff is available to our member organizations for questions and consultation.
EnergySec staff attend meetings and conferences organized by regional entities to keep abreast of compliance-related activities throughout the country. The reporting of events is available to our members through our member publications and briefings.
EnergySec has staff dedicated to closely monitor new CIP drafting team efforts. The discussions, changes, and/or insights are made available to our members. Staff are available to members for clarification of results released by the drafting team.
EnergySec staff attend a variety of security conferences to keep informed of current issues and inform our membership.
EnergySec staff provide a monthly briefing to state utility commissioners and staff on security and compliance topics within the industry.
EnergySec’s online community is available to support collaboration in industry by providing industry-specific online forums. This platform is also used to distribute online resources for members and participants.
EnergySec operates a security analyst collaboration community on both the Anomali (ThreatStream) and the ThreatConnect platforms. This technology allows security analysts to engage in robust collaboration on threat intelligence and incident analysis in a secure manner.
EnergySec’s HipChat server is a private instant messaging service provided to community participants. This service provides immediate interaction with EnergySec staff and others in the industry. We regularly host chat sessions in conjunction with industry events, enabling real-time discussions and tracking of events by those unable to attend directly.
(M) Members are able to establish private chat rooms under their control for discussions with their peers across organizations.
EnergySec staff conducts customized, confidential surveys for individual or group organizations as requested. These surveys provide much-needed feedback for organizations while providing anonymity to respondents.
The need for cybersecurity professionals at all levels and within all industries is widely acknowledged. The utility sector is no different. Moreover, the shortage of professionals with the specific skills and experience needed to protect critical infrastructure is even greater. To address this issue, EnergySec is implementing several workforce development programs specifically designed to recruit and develop cybersecurity professionals with the unique skills and abilities required for critical infrastructure protection.
EnergySec offers a growing number of educational courses covering both NERC CIP and general security topics. Below are short abstracts of our courses and intended audiences. For full course information, please click on the course title.
EnergySec members receive a 30% discount off the list price of EnergySec courses.
The CIP Bootcamp is our flagship course, now with more than 1500 alumni. This course provides essential foundational knowledge of the NERC CIP ecosystem, as well as in-depth information on every CIP standard and requirement. This is the standard option for professionals seeking a full understanding of the NERC CIP standards. This includes all five days of the Bootcamp as outlined.
Audience: Industry professionals seeking a full knowledge of the NERC CIP standards and associated compliance oversight processes. The full 5-day Bootcamp qualifies for 40 CPE credits.
Day 1 of the Bootcamp provides foundational knowledge of the CIP standards and a deep dive into the Low Impact requirements. Topics include the history and legal basis of the standards, terminology, policy requirements, asset identification, and the four focus areas for the protection of low impact systems.
Audience: Anyone with day to day responsibilities that include NERC CIP requirements. Vendors selling products or services to entities subject to the CIP standards.
In addition to the day 1 material discussed above, Days 2-3 present a deep dive into standards CIP-004 through CIP-014, covering every requirement in depth with discussions on compliance approaches.
Audience: Anyone with day to day responsibilities that include NERC CIP requirements at the high or medium impact level. Vendors selling products or services to entities subject to the CIP standards.
Days 4-5 of the Bootcamp provide entity personnel with an understanding of compliance oversight practices employed by the ERO. This includes a detailed explanation of the audit process from preparation, to execution, to post-audit negotiations. Attendees will obtain an understanding of the NERC Rules of Procedures (RoP), Compliance Monitoring and Enforcement Program (CMEP), Inherent Risk Assessments (IRA), Internal Controls Evaluation (ICE), and the audit process as documented in the ERO Auditors Handbook. RSAW and evidence preparation and presentation will also be discussed.
Audience: Compliance, regulatory, legal, technical, and security staff that will participate in formal CIP audits, mock audits, or internal compliance reviews. Others desiring an understanding of oversight processes and methods to ensure compliance.
This educational event is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. For 2018, we are currently planning two events: Phoenix, AZ in April, and the Northeast U.S. in September. Dates and venues will be announced in late 2017.
Our Education Week events invite some of the brightest minds in utility security to teach a variety of technical topics relevant to our industry. Topics include Threat Hunting, Network Packet Analysis, Technical Security Assessments, security exercises, and more. We’ve also arranged for facility tours to provide a behind the scenes look at just what we are working to secure.
Education Weeks also include a variety of networking events designed to build relationships within industry and strengthen the community of cybersecurity professionals in our sector.
Attendees of this event will:
We recognize that many organizations struggle to staff security functions and often don’t have the budget to add full-time staff. Our security shared services program allows organizations to obtain “fractional ownership” in a security analyst, providing additional help without breaking the budget. For more information contact us at firstname.lastname@example.org.
We’ve designed our shared analyst program with the flexibility to meet the needs of any organization. This is not a typical MSSP arrangement, rather, our analysts become an extension of your organization, serving your needs directly. Key differentiators are:
ISAOs exist to increase the information sharing and shared analysis of their member organizations. To achieve this goal, EnergySec participates in or leads multiple initiatives. We support online technology platforms for EnergySec members to share threat intelligence, as well as streamline the way organizations can receive threat intelligence and Indicators of Compromise (IOCs) from the federal government.
EnergySec has served in an ISAO-like role since its inception, and in October 2016, became one of the first registered ISAOs, and also the first registered ISAO focused on the energy sector. EnergySec is participating in the ISAO process to ensure we can continue to serve our members in that capacity as the role becomes more formal and better organized. For more information on our ISAO efforts, contact us at email@example.com, or call us at (503) 905-2920 (option 4), or read below for more information on why to join an ISAO focused on the electric sector.