NERC & FERC

The North American Electric Reliability Corporation (NERC) has approved a set of cyber security standards to help support the reliability of the bulk power system. The standards are labeled from CIP-002-1 through CIP-009-1. Each CIP has the following focus areas:

• CIP-002 - Critical Cyber Asset Identification
• CIP-003 - Security Management Controls
• CIP-004 - Personnel and Training
• CIP-005 - Electronic Security Perimeters
• CIP-006 - Physical Security
• CIP-007 - Systems Security Management
• CIP-008 - Incident Reporting and Response Planning
• CIP-009 - Recovery Plans for Critical Cyber Assets

Tenable's Unified Security Monitoring solutions help organizations affected by NERC monitor the compliance and security of their enterprise networks.

• Tenable Nessus performs vulnerability auditing of operating systems, routers and applications used in NERC environments.
• Tenable Nessus performs specific vulnerability checks on control systems such as Telvent, Siemens, ABB Ranger and more.
• Tenable Nessus can perform configuration audits of operating system and applications specifically used in control systems such as OSIsoft PI, ABB Ranger and Siemens.
• The Tenable Passive Vulnerability Scanner can watch any IP-based control system network to monitor changes, identify assets, and discover vulnerabilities without any impact to the network.
• The Tenable Log Correlation Engine can be used to gather netflow, system logs, employee logins, intrusion detection events, file integrity information and much more from control system devices for aggregation, forensics, analysis and correlation.

Digital Bond's project Bandolier is funded by the Department of Energy and has produced audit policies for Nessus and SecurityCenter users to test the configurations of many different types of Unix and Windows control system software.