SlideShare ist ein Scribd-Unternehmen logo

EnergySec & National Electric Cyber Security Organization (NESCO) Overview by Patrick Miller, EnergySec

‱Als PPTX, PDF herunterladen‱
‱
T
TheAnfieldGroup

The National Electric Sector Cybersecurity Organization (NESCO) was established by the U.S. Department of Energy to enhance cybersecurity information sharing in the electric sector. NESCO is operated by EnergySec, a nonprofit, and provides members with tools like a collaboration portal, rapid notification system, and Tactical Analysis Center. NESCO has grown significantly since its inception and aims to be fully industry-funded after an initial seed period supported by the Department of Energy.

TechnologieBusiness
1 von 40
EnergySec & National Electric Cyber Security Organization (NESCO) Overview 2012 Technologies for Security and Compliance Summit The Anfield Group August 1-2 2012 Barton Creek Resort – Austin, TX
New, New Security Model  Nation State quality adversaries  Fear the auditor more than attacker  Regulatory avalanche forecast  Constant compromise  Ecosystem of organizations  Information sharing is holy grail 2 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
Info-Share to the Rescue!  What does Information Sharing really mean? – Taking vs. Sharing – Secrecy for secrecy’s sake – Government doesn’t share well (yet)  Very useful approach, but not a panacea  Comes with trade-offs
 3 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
Information Sharing Reality Some Pros
  What works, what doesn’t  Benchmarking  Situational awareness  Tactical threat and vulnerability analysis  Community-sourcing  Regulatory compliance  Mentoring 4 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy Some Cons
  Classification and handling, both Gov and Corporations  Lawyers, agreements and contracts  Consumers will always outnumber sharers  Trust; n parties  Doesn’t scale well
Who is EnergySec?  Unique, non-profit, independent, public- private information sharing organization  Borne from Energy Sector  Bottom-up vs. top-down  TRUSTED – By the industry, for the industry – Non-profit 501(c)(3) – Independent, private – 10+ years of information sharing experience 5 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
EnergySec Background  10.2001: Precursor to E-Sec NW formed  7.2004: E-Sec NW formalized and “founded” – Asset owner/operator ONLY; all volunteer  1.2008: SANS Information Sharing Award  12.2008: Incorporated E-Sec NW as EnergySec  10.2009: 501(c)(3) nonprofit determination  4.2010: EnergySec applied for NESCO DOE FOA  7.2010: EnergySec awarded NESCO FOA  10.2010: NESCO became operational 6 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
What EnergySec Is NOT
  Not a lobbyist  Not a vendor  Not a consultant  Not government agency  Not a regulator 7 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
EnergySec Staff  Extensive applied sector experience – Many years employment at asset owners – Operations, security, audit, Sr mgmt, OT, IT – Regional Entity leadership – Independent consulting; big firms and boutiques – Built several successful companies – EnergySec founders, Info-sharing pioneers – Certified, trusted, highly connected, dedicated 8 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
EnergySec Programs  NESCO: Information Sharing & Best Practices  Advisory Service  EnergySec University – Education/Workforce Development  LIGHTS: Security in a box (turnkey) – Independent board – Partnership with ICS-ISAC 9 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
EnergySec Nonprofit Umbrella EnergySec NESCO Advisory University Other
 10 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
EnergySec Advisory  Customized agenda; facilitated discussion  Examine current and horizon energy sector specific cyber security legislation  Explore methods to meet compliance obligations and enhance security posture  Present threat, vulnerability and impact landscape to executives and staff  Highest concentration of advisors with unique and hard-to-ïŹnd combination of experience 11 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
EnergySec University  Professional/workforce development path – Internal expertise as instructors – Open faculty roster from best and brightest – Courses in all IT/OT security-related disciplines  Internship matchmaking – coming soon  Working closely with National Board of Information Security Examiners (NBISE) 12 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
What Is NESCO?  R. 3183 “...the Secretary shall establish an independent national energy sector cyber security organization...” – Department Of Energy issued FOA on March 31, 2010  Purpose is to “establish a National Electric Sector Cyber Security Organization that has the knowledge, capabilities, and experience to protect the electric grid and enhance integration of smart grid technologies that are adequately protected against cyber attacks.”  “This organization will serve as a focal point to bring together domestic and international experts, developers, and users who will assess and test the security of novel technology, architectures, and applications.” 13 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
NESCO Objectives  Organize, lead and implement a public-private partnership  Focus cybersecurity research and development priorities  Identify and disseminate security best practices  Organize the collection, analysis and dissemination of infrastructure vulnerabilities and threats  Work cooperatively with the DOE and other Federal Agencies  Enhance cybersecurity of the bulk power grid and electric infrastructure 14 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
Who Is NESCO? 15 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy. ‱ Public ‱ Private ‱ Non-Reg ‱ Regulatory ‱ Fed, State
 ‱ Product ‱ Service ‱ IOU ‱ Muni ‱ Coop Asset Owners Vendor Academia/Research Govt
Connect & Support 16 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy Utility Asset Owners
Membership Growth 17 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
Member Demographics 18 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy Academic 5% Asset Owner 49% Govt/Regulatory 11% Vendor/Other 35% Membership by Organization Academic 2% Asset Owner 64% Govt/Regulatory 12% Vendor/Other 22% Membership by Individual 363 unique organizations1,050 Individual members Predominately Asset Owner Driven Membership Base
Membership Overview  NESCO Members of Sept 30 2011 (1 year) – 788 NESCO members – 278 unique organizations  NESCO Members as of July 12 2012: – 1050 individuals – 363 unique organizations Note: This represents a nearly 50% annual growth rate 19 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
Social Media Outreach  NESCO mailing list: 3536  NESCO Twitter followers: 2635  NESCO LinkedIn group members: 535 20 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
Direct Outreach  3 Town Hall meetings  19 Voice of the Industry (VOI) meetings  82 TAC notices; 149 follow up threads  71 presentations/panels  94 event participation  37 blog mentions  43 interviews and article citations 21 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
Engage, Equip & Empower 22 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy  Sharing requires trust  Trust is built on relationships  Our approach
 – Bringing people together – Flexible technology options and solutions to extend and enhance relationships – Organic growth; birds of a feather
NESCO Is Technology  Secure collaboration portal – Wiki – Working groups – Discussion forums – Email distribution lists  Rapid Notification System  Social Media – LinkedIn, Twitter, Facebook 23 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
NESCO Tools 24 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy  Email distribution lists  Secure collaboration wiki  Secure instant messaging  Rapid notification mechanisms  Resource repository  Most technologies have non- attribution (anonymous) options
NESCO Resource Repository 25 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy  Best/common practices  Policy, process, procedure  Compliance approaches  Document Templates  Code snippets, scripts  System configurations  Links to useful security sites  And more

NESCO Tactical Analysis Center  Supports ES-ISAC and ICS-CERT  Open & private source intelligence  Asset owner volunteer handler SMEs with virtual “dashboards”  Rapid, community-sourced analysis  Secure communications  Rapid notification system  Daily diaries, trending  Quarterly & annual reports 26 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
ES-ISAC, ICS-CERT and TAC  An analogy
 triage and long term care  Basic differences of the TAC – Operated by an independent non-profit org – Not associated with a federal regulatory agency ‱ DOE partner is non-regulatory ‱ Funding expires in 2014, only “seed” money provided ‱ Funding model involves cost-share, so industry bears cost throughout entire effort – Electric sector specific – Provides feeds, when requested to NERC & DHS & 
 27 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
ES-ISAC, ICS-CERT and TAC  Basic differences of the TAC – Covers all entities, not just Registered Entities under the NERC Functional Model ‱ Not just Bulk Electric w/ CA and CCA ‱ Includes smart grid, distribution, QF generation – NESCO staff work alongside industry handlers – RNS has direct access to security staff – Volunteer reporting structure, not mandatory – Private position offers unique vendor relationships – Anonymized pass through for bi-directional sharing 28 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
NESCO Products  Whitepapers – DNS Exfiltration – Security Logging Best Practices and Capability Maturity Models – Public Key Infrastructure, Automated Metering Infrastructure and Industrial Control Systems – DOE Electric Sector Cybersecurity Capability Maturity Model (ES-C2M2) – coming soon! – What else would you like to see? 29 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
NESCO Products  Rapid Notification System – Night Dragon webcast – Duqu webcast – Multiple TAC notices 30 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
NESCO Success Stories 31 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy. 
is fantastic that [DOE produces] a document that deals with a subject so technical and that it makes available to the public. http://goo.gl/0xiWp
NESCO Success Stories  Spearphishing notices from asset owner shared with DHS for action – Result: DHS ICS-CERT advisory issued  Accounts from service contractor posted to Internet reviewed for asset owner data – Result: Direct contact warning to specific parties 32 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
NESCO Success Stories  Exposed control systems posted on Internet matched to asset owners – Result: Direct contact warning to specific parties  EnergySec spearphishing attempt – Result: Cross-organization comparison with general industry advisory; IOCs published 33 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
NESCO Success Stories  Industry and [some] Regional Entities seeking to modify process for Technical Feasibility Exceptions to maximize security benefit – Result: NESCO provided independent and impartial discussion forum, webinar and industry feedback loop for proposed change to process 34 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
NESCO Success Stories 35 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
NESCO Funding Model  Department of Energy FOA  Cooperative agreement  Cost-share is ~40%, ramps over life of 3.5 year “seed” window  At end of seed window, NESCO is fully funded by industry  Supported by underwriters and TAC subscriptions 36 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
NESCO Summary  Focused on building trust through relationships to further security collaboration and sharing  Flexible technology facilitates and catalyzes information/resource sharing efforts  Supports existing successful programs  Security voice of the electric sector 37 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
Get Connected  EnergySec Summit: September 25-28 – NESCO Town Hall – CISO Forum – Policy and Technical Tracks  EnergySec University Courses – NERC CIP Training: Las Vegas 10/25 – NERC CIP Training: Sacramento 12/4 – Cybersecurity for Operations: Nashville 11/7  NESCO Voice of the Industry (VOI) Meetings 38 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
Get Connected  www.energysec.org  www.energysec.org/join  www.energysec.org/tac-subscription- service  TAC@energysec.org  New NESCO website soon! 39 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
Questions? 40 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy Patrick C Miller Principal Investigator, National Electric Sector Cybersecurity Organization President & CEO, EnergySec patrick.miller@energysec.org 503.446.1212 (desk) @patrickcmiller (twitter) www.energysec.org

Empfohlen

TAC Subscription Webinar
TAC Subscription WebinarTAC Subscription Webinar
TAC Subscription WebinarEnergySec
 
NESCO Year 2 Overview
NESCO Year 2 OverviewNESCO Year 2 Overview
NESCO Year 2 OverviewEnergySec
 
Bridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITBridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITEnergySec
 
The basics of_taxes_power_point_2.2.2.g1
The basics of_taxes_power_point_2.2.2.g1The basics of_taxes_power_point_2.2.2.g1
The basics of_taxes_power_point_2.2.2.g1Shannon Gilliland
 
The basics of_taxes_power_point_2.2.2.g1
The basics of_taxes_power_point_2.2.2.g1The basics of_taxes_power_point_2.2.2.g1
The basics of_taxes_power_point_2.2.2.g1ms_moran
 
Community Energy in Minnesota
Community Energy in MinnesotaCommunity Energy in Minnesota
Community Energy in MinnesotaUniversity of Minnesota
 
Joint us canada_grid_strategy_06_dec2016
Joint us canada_grid_strategy_06_dec2016Joint us canada_grid_strategy_06_dec2016
Joint us canada_grid_strategy_06_dec2016ЕлОзаĐČДта ĐĄŃ‚Đ°Ń€ĐŸĐČĐ”Ń€ĐŸĐČĐ°
 
News 20111004 rwea
News 20111004 rweaNews 20111004 rwea
News 20111004 rweaPaul Keisch
 

Empfohlen

TAC Subscription Webinar
TAC Subscription WebinarTAC Subscription Webinar
TAC Subscription WebinarEnergySec
 
NESCO Year 2 Overview
NESCO Year 2 OverviewNESCO Year 2 Overview
NESCO Year 2 OverviewEnergySec
 
Bridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITBridging the Gap: Between Operations and IT
Bridging the Gap: Between Operations and ITEnergySec
 
The basics of_taxes_power_point_2.2.2.g1
The basics of_taxes_power_point_2.2.2.g1The basics of_taxes_power_point_2.2.2.g1
The basics of_taxes_power_point_2.2.2.g1Shannon Gilliland
 
The basics of_taxes_power_point_2.2.2.g1
The basics of_taxes_power_point_2.2.2.g1The basics of_taxes_power_point_2.2.2.g1
The basics of_taxes_power_point_2.2.2.g1ms_moran
 
Community Energy in Minnesota
Community Energy in MinnesotaCommunity Energy in Minnesota
Community Energy in MinnesotaUniversity of Minnesota
 
Joint us canada_grid_strategy_06_dec2016
Joint us canada_grid_strategy_06_dec2016Joint us canada_grid_strategy_06_dec2016
Joint us canada_grid_strategy_06_dec2016ЕлОзаĐČДта ĐĄŃ‚Đ°Ń€ĐŸĐČĐ”Ń€ĐŸĐČĐ°
 
News 20111004 rwea
News 20111004 rweaNews 20111004 rwea
News 20111004 rweaPaul Keisch
 
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...TheAnfieldGroup
 
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...TheAnfieldGroup
 
Presentation1
Presentation1Presentation1
Presentation1Patrick Jerwin de Castro
 
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...TheAnfieldGroup
 
EnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec
 
Synchrophasor Timing Security
Synchrophasor Timing SecuritySynchrophasor Timing Security
Synchrophasor Timing SecurityTheAnfieldGroup
 
NESCO: A Closer Look
NESCO: A Closer LookNESCO: A Closer Look
NESCO: A Closer LookEnergySec
 
Next Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorNext Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorEnergySec
 
Next Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorNext Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorEnergySec
 
The Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsThe Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsEnergySec
 
Emerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEmerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEnergySec
 
NESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingNESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingEnergySec
 
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...EnergySec
 
EISS Cybersecurity Briefing
EISS Cybersecurity BriefingEISS Cybersecurity Briefing
EISS Cybersecurity BriefingEnergySec
 
EnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec
 
Interoperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveInteroperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveEnergySec
 
Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USA
Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USABuilding A Stronger And Smarter Electrical Energy Infrastructure IEEE-USA
Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USAJohn Ragan
 
Capstone Paper
Capstone PaperCapstone Paper
Capstone PaperThomas Kaczmarek
 
CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012CSRwire
 
MREC_Massoud Amin-02-20-15_expanded_final
MREC_Massoud Amin-02-20-15_expanded_finalMREC_Massoud Amin-02-20-15_expanded_final
MREC_Massoud Amin-02-20-15_expanded_finalMassoud Amin
 
TSF | Solar on Schools Presentation
TSF | Solar on Schools PresentationTSF | Solar on Schools Presentation
TSF | Solar on Schools PresentationThe Solar Foundation
 
US DEPARTMENT OF ENERGY_POWERPOINT (1).pdf
US DEPARTMENT OF ENERGY_POWERPOINT (1).pdfUS DEPARTMENT OF ENERGY_POWERPOINT (1).pdf
US DEPARTMENT OF ENERGY_POWERPOINT (1).pdfJesseHill22
 

Weitere Àhnliche Inhalte

Andere mochten auch

Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...TheAnfieldGroup
 
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...TheAnfieldGroup
 
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...TheAnfieldGroup
 
EnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec
 
Synchrophasor Timing Security
Synchrophasor Timing SecuritySynchrophasor Timing Security
Synchrophasor Timing SecurityTheAnfieldGroup
 

Andere mochten auch (6)

Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
 
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
 
Presentation1
Presentation1Presentation1
Presentation1
 
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
Regulators’ Role in Smart Grid Security: What They Want to Know by Alan Rival...
 
EnergySec & NESCO Overview
EnergySec & NESCO OverviewEnergySec & NESCO Overview
EnergySec & NESCO Overview
 
Synchrophasor Timing Security
Synchrophasor Timing SecuritySynchrophasor Timing Security
Synchrophasor Timing Security
 

Ähnlich wie EnergySec & National Electric Cyber Security Organization (NESCO) Overview by Patrick Miller, EnergySec

NESCO: A Closer Look
NESCO: A Closer LookNESCO: A Closer Look
NESCO: A Closer LookEnergySec
 
Next Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorNext Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorEnergySec
 
Next Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorNext Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorEnergySec
 
The Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsThe Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsEnergySec
 
Emerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEmerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEnergySec
 
NESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingNESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingEnergySec
 
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...EnergySec
 
EISS Cybersecurity Briefing
EISS Cybersecurity BriefingEISS Cybersecurity Briefing
EISS Cybersecurity BriefingEnergySec
 
EnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec
 
Interoperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveInteroperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveEnergySec
 
Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USA
Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USABuilding A Stronger And Smarter Electrical Energy Infrastructure IEEE-USA
Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USAJohn Ragan
 
CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012CSRwire
 
MREC_Massoud Amin-02-20-15_expanded_final
MREC_Massoud Amin-02-20-15_expanded_finalMREC_Massoud Amin-02-20-15_expanded_final
MREC_Massoud Amin-02-20-15_expanded_finalMassoud Amin
 
TSF | Solar on Schools Presentation
TSF | Solar on Schools PresentationTSF | Solar on Schools Presentation
TSF | Solar on Schools PresentationThe Solar Foundation
 
US DEPARTMENT OF ENERGY_POWERPOINT (1).pdf
US DEPARTMENT OF ENERGY_POWERPOINT (1).pdfUS DEPARTMENT OF ENERGY_POWERPOINT (1).pdf
US DEPARTMENT OF ENERGY_POWERPOINT (1).pdfJesseHill22
 
EnergyTech2015 Program Guide
EnergyTech2015 Program GuideEnergyTech2015 Program Guide
EnergyTech2015 Program GuideEnergyTech2015
 
Beceiro clean energy overview
Beceiro clean energy overviewBeceiro clean energy overview
Beceiro clean energy overviewJohn Thornton
 
Clean Energy Overview - Pecan Street Project_Beceiro
Clean Energy Overview - Pecan Street Project_BeceiroClean Energy Overview - Pecan Street Project_Beceiro
Clean Energy Overview - Pecan Street Project_BeceiroJohn Thornton
 

Ähnlich wie EnergySec & National Electric Cyber Security Organization (NESCO) Overview by Patrick Miller, EnergySec (20)

NESCO: A Closer Look
NESCO: A Closer LookNESCO: A Closer Look
NESCO: A Closer Look
 
Next Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric SectorNext Generation Information Sharing for the Electric Sector
Next Generation Information Sharing for the Electric Sector
 
Next Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric SectorNext Generation Information Sharing For The Electric Sector
Next Generation Information Sharing For The Electric Sector
 
The Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity RequirementsThe Expanding Web of Cybersecurity Requirements
The Expanding Web of Cybersecurity Requirements
 
Emerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD MeetingEmerson Ovation User Group BOD Meeting
Emerson Ovation User Group BOD Meeting
 
NESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD MeetingNESCO Overview: Emerson Ovation User Group BOD Meeting
NESCO Overview: Emerson Ovation User Group BOD Meeting
 
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...
 
EISS Cybersecurity Briefing
EISS Cybersecurity BriefingEISS Cybersecurity Briefing
EISS Cybersecurity Briefing
 
EnergySec and the NESCO overview
EnergySec and the NESCO overviewEnergySec and the NESCO overview
EnergySec and the NESCO overview
 
Interoperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business PerspectiveInteroperability, Standards and Cybersecurity: A Business Perspective
Interoperability, Standards and Cybersecurity: A Business Perspective
 
Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USA
Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USABuilding A Stronger And Smarter Electrical Energy Infrastructure IEEE-USA
Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USA
 
Capstone Paper
Capstone PaperCapstone Paper
Capstone Paper
 
CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012
 
MREC_Massoud Amin-02-20-15_expanded_final
MREC_Massoud Amin-02-20-15_expanded_finalMREC_Massoud Amin-02-20-15_expanded_final
MREC_Massoud Amin-02-20-15_expanded_final
 
TSF | Solar on Schools Presentation
TSF | Solar on Schools PresentationTSF | Solar on Schools Presentation
TSF | Solar on Schools Presentation
 
US DEPARTMENT OF ENERGY_POWERPOINT (1).pdf
US DEPARTMENT OF ENERGY_POWERPOINT (1).pdfUS DEPARTMENT OF ENERGY_POWERPOINT (1).pdf
US DEPARTMENT OF ENERGY_POWERPOINT (1).pdf
 
EnergyTech2015 Program Guide
EnergyTech2015 Program GuideEnergyTech2015 Program Guide
EnergyTech2015 Program Guide
 
Beceiro clean energy overview
Beceiro clean energy overviewBeceiro clean energy overview
Beceiro clean energy overview
 
Clean Energy Overview - Pecan Street Project_Beceiro
Clean Energy Overview - Pecan Street Project_BeceiroClean Energy Overview - Pecan Street Project_Beceiro
Clean Energy Overview - Pecan Street Project_Beceiro
 
Prof E Hewitt
Prof E HewittProf E Hewitt
Prof E Hewitt
 

KĂŒrzlich hochgeladen

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

KĂŒrzlich hochgeladen (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

EnergySec & National Electric Cyber Security Organization (NESCO) Overview by Patrick Miller, EnergySec

  • 1. EnergySec & National Electric Cyber Security Organization (NESCO) Overview 2012 Technologies for Security and Compliance Summit The Anfield Group August 1-2 2012 Barton Creek Resort – Austin, TX
  • 2. New, New Security Model  Nation State quality adversaries  Fear the auditor more than attacker  Regulatory avalanche forecast  Constant compromise  Ecosystem of organizations  Information sharing is holy grail 2 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 3. Info-Share to the Rescue!  What does Information Sharing really mean? – Taking vs. Sharing – Secrecy for secrecy’s sake – Government doesn’t share well (yet)  Very useful approach, but not a panacea  Comes with trade-offs
 3 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 4. Information Sharing Reality Some Pros
  What works, what doesn’t  Benchmarking  Situational awareness  Tactical threat and vulnerability analysis  Community-sourcing  Regulatory compliance  Mentoring 4 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy Some Cons
  Classification and handling, both Gov and Corporations  Lawyers, agreements and contracts  Consumers will always outnumber sharers  Trust; n parties  Doesn’t scale well
  • 5. Who is EnergySec?  Unique, non-profit, independent, public- private information sharing organization  Borne from Energy Sector  Bottom-up vs. top-down  TRUSTED – By the industry, for the industry – Non-profit 501(c)(3) – Independent, private – 10+ years of information sharing experience 5 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
  • 6. EnergySec Background  10.2001: Precursor to E-Sec NW formed  7.2004: E-Sec NW formalized and “founded” – Asset owner/operator ONLY; all volunteer  1.2008: SANS Information Sharing Award  12.2008: Incorporated E-Sec NW as EnergySec  10.2009: 501(c)(3) nonprofit determination  4.2010: EnergySec applied for NESCO DOE FOA  7.2010: EnergySec awarded NESCO FOA  10.2010: NESCO became operational 6 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
  • 7. What EnergySec Is NOT
  Not a lobbyist  Not a vendor  Not a consultant  Not government agency  Not a regulator 7 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 8. EnergySec Staff  Extensive applied sector experience – Many years employment at asset owners – Operations, security, audit, Sr mgmt, OT, IT – Regional Entity leadership – Independent consulting; big firms and boutiques – Built several successful companies – EnergySec founders, Info-sharing pioneers – Certified, trusted, highly connected, dedicated 8 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
  • 9. EnergySec Programs  NESCO: Information Sharing & Best Practices  Advisory Service  EnergySec University – Education/Workforce Development  LIGHTS: Security in a box (turnkey) – Independent board – Partnership with ICS-ISAC 9 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 10. EnergySec Nonprofit Umbrella EnergySec NESCO Advisory University Other
 10 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 11. EnergySec Advisory  Customized agenda; facilitated discussion  Examine current and horizon energy sector specific cyber security legislation  Explore methods to meet compliance obligations and enhance security posture  Present threat, vulnerability and impact landscape to executives and staff  Highest concentration of advisors with unique and hard-to-ïŹnd combination of experience 11 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 12. EnergySec University  Professional/workforce development path – Internal expertise as instructors – Open faculty roster from best and brightest – Courses in all IT/OT security-related disciplines  Internship matchmaking – coming soon  Working closely with National Board of Information Security Examiners (NBISE) 12 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 13. What Is NESCO?  R. 3183 “...the Secretary shall establish an independent national energy sector cyber security organization...” – Department Of Energy issued FOA on March 31, 2010  Purpose is to “establish a National Electric Sector Cyber Security Organization that has the knowledge, capabilities, and experience to protect the electric grid and enhance integration of smart grid technologies that are adequately protected against cyber attacks.”  “This organization will serve as a focal point to bring together domestic and international experts, developers, and users who will assess and test the security of novel technology, architectures, and applications.” 13 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
  • 14. NESCO Objectives  Organize, lead and implement a public-private partnership  Focus cybersecurity research and development priorities  Identify and disseminate security best practices  Organize the collection, analysis and dissemination of infrastructure vulnerabilities and threats  Work cooperatively with the DOE and other Federal Agencies  Enhance cybersecurity of the bulk power grid and electric infrastructure 14 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
  • 15. Who Is NESCO? 15 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy. ‱ Public ‱ Private ‱ Non-Reg ‱ Regulatory ‱ Fed, State
 ‱ Product ‱ Service ‱ IOU ‱ Muni ‱ Coop Asset Owners Vendor Academia/Research Govt
  • 16. Connect & Support 16 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy Utility Asset Owners
  • 17. Membership Growth 17 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 18. Member Demographics 18 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy Academic 5% Asset Owner 49% Govt/Regulatory 11% Vendor/Other 35% Membership by Organization Academic 2% Asset Owner 64% Govt/Regulatory 12% Vendor/Other 22% Membership by Individual 363 unique organizations1,050 Individual members Predominately Asset Owner Driven Membership Base
  • 19. Membership Overview  NESCO Members of Sept 30 2011 (1 year) – 788 NESCO members – 278 unique organizations  NESCO Members as of July 12 2012: – 1050 individuals – 363 unique organizations Note: This represents a nearly 50% annual growth rate 19 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 20. Social Media Outreach  NESCO mailing list: 3536  NESCO Twitter followers: 2635  NESCO LinkedIn group members: 535 20 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 21. Direct Outreach  3 Town Hall meetings  19 Voice of the Industry (VOI) meetings  82 TAC notices; 149 follow up threads  71 presentations/panels  94 event participation  37 blog mentions  43 interviews and article citations 21 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 22. Engage, Equip & Empower 22 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy  Sharing requires trust  Trust is built on relationships  Our approach
 – Bringing people together – Flexible technology options and solutions to extend and enhance relationships – Organic growth; birds of a feather
  • 23. NESCO Is Technology  Secure collaboration portal – Wiki – Working groups – Discussion forums – Email distribution lists  Rapid Notification System  Social Media – LinkedIn, Twitter, Facebook 23 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
  • 24. NESCO Tools 24 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy  Email distribution lists  Secure collaboration wiki  Secure instant messaging  Rapid notification mechanisms  Resource repository  Most technologies have non- attribution (anonymous) options
  • 25. NESCO Resource Repository 25 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy  Best/common practices  Policy, process, procedure  Compliance approaches  Document Templates  Code snippets, scripts  System configurations  Links to useful security sites  And more

  • 26. NESCO Tactical Analysis Center  Supports ES-ISAC and ICS-CERT  Open & private source intelligence  Asset owner volunteer handler SMEs with virtual “dashboards”  Rapid, community-sourced analysis  Secure communications  Rapid notification system  Daily diaries, trending  Quarterly & annual reports 26 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
  • 27. ES-ISAC, ICS-CERT and TAC  An analogy
 triage and long term care  Basic differences of the TAC – Operated by an independent non-profit org – Not associated with a federal regulatory agency ‱ DOE partner is non-regulatory ‱ Funding expires in 2014, only “seed” money provided ‱ Funding model involves cost-share, so industry bears cost throughout entire effort – Electric sector specific – Provides feeds, when requested to NERC & DHS & 
 27 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 28. ES-ISAC, ICS-CERT and TAC  Basic differences of the TAC – Covers all entities, not just Registered Entities under the NERC Functional Model ‱ Not just Bulk Electric w/ CA and CCA ‱ Includes smart grid, distribution, QF generation – NESCO staff work alongside industry handlers – RNS has direct access to security staff – Volunteer reporting structure, not mandatory – Private position offers unique vendor relationships – Anonymized pass through for bi-directional sharing 28 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 29. NESCO Products  Whitepapers – DNS Exfiltration – Security Logging Best Practices and Capability Maturity Models – Public Key Infrastructure, Automated Metering Infrastructure and Industrial Control Systems – DOE Electric Sector Cybersecurity Capability Maturity Model (ES-C2M2) – coming soon! – What else would you like to see? 29 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
  • 30. NESCO Products  Rapid Notification System – Night Dragon webcast – Duqu webcast – Multiple TAC notices 30 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 31. NESCO Success Stories 31 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy. 
is fantastic that [DOE produces] a document that deals with a subject so technical and that it makes available to the public. http://goo.gl/0xiWp
  • 32. NESCO Success Stories  Spearphishing notices from asset owner shared with DHS for action – Result: DHS ICS-CERT advisory issued  Accounts from service contractor posted to Internet reviewed for asset owner data – Result: Direct contact warning to specific parties 32 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy.
  • 33. NESCO Success Stories  Exposed control systems posted on Internet matched to asset owners – Result: Direct contact warning to specific parties  EnergySec spearphishing attempt – Result: Cross-organization comparison with general industry advisory; IOCs published 33 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 34. NESCO Success Stories  Industry and [some] Regional Entities seeking to modify process for Technical Feasibility Exceptions to maximize security benefit – Result: NESCO provided independent and impartial discussion forum, webinar and industry feedback loop for proposed change to process 34 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 35. NESCO Success Stories 35 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 36. NESCO Funding Model  Department of Energy FOA  Cooperative agreement  Cost-share is ~40%, ramps over life of 3.5 year “seed” window  At end of seed window, NESCO is fully funded by industry  Supported by underwriters and TAC subscriptions 36 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 37. NESCO Summary  Focused on building trust through relationships to further security collaboration and sharing  Flexible technology facilitates and catalyzes information/resource sharing efforts  Supports existing successful programs  Security voice of the electric sector 37 7/31/201 3 The National Electric Sector Cybersecurity Organization is partially funded by the US Department of Energy
  • 38. Get Connected  EnergySec Summit: September 25-28 – NESCO Town Hall – CISO Forum – Policy and Technical Tracks  EnergySec University Courses – NERC CIP Training: Las Vegas 10/25 – NERC CIP Training: Sacramento 12/4 – Cybersecurity for Operations: Nashville 11/7  NESCO Voice of the Industry (VOI) Meetings 38 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 39. Get Connected  www.energysec.org  www.energysec.org/join  www.energysec.org/tac-subscription- service  TAC@energysec.org  New NESCO website soon! 39 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy
  • 40. Questions? 40 7/31/201 3 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec with funding assistance from the U.S. Department of Energy Patrick C Miller Principal Investigator, National Electric Sector Cybersecurity Organization President & CEO, EnergySec patrick.miller@energysec.org 503.446.1212 (desk) @patrickcmiller (twitter) www.energysec.org