NESCO: A Closer Look

Patrick C Miller, President and CEO
March 8 2011
Spring 2011 AGA/EEI Security Conference
History
• 7/2004: EnergySec founded as E-Sec NW
• 1/2008: SANS Information Sharing Award
• 12/2008: Incorporated as EnergySec
• 10/2009: 501(c)(3) nonprofit determination
• 4/2010: EnergySec applied for National
  Electric Sector Cybersecurity Organization
  (NESCO) FOA
• 7/2010: NESCO grant award from DOE
• 10/2010: NESCO became operational
The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program
What Is The NESCO?
• Mission: Lead a broad-based, public-private
  partnership to improve electric sector energy
  systems cyber security; become the security voice
  of the electric industry
• Goals:
        – Identify and disseminate common, effective cyber security
          practices
        – Analyze, monitor and relay infrastructure threat information
        – Focus cybersecurity research and development priorities
        – Work with federal agencies to improve electric sector cyber
          security
        – Encourage key electric sector supplier and vendor support
          / interaction
Now And Beyond
• Today: 544 members from 158
  organizations
        – 74% of US electric distribution
        – 60% of US electric generation

• The asset owners are already sharing
• Challenges
        – Increase and improve asset-owner sharing
        – Establish two-way sharing from the government
          and vendor segments
Infosharing Characteristics
US Government
• Deliberate and authoritative
• Often highly compartmentalized
• Classifies threats and incidents for CI/KR
• Holds only some of the relevant information

Industry
• Often more ad hoc and much more agile
• 100% accuracy isn’t always required
• Difficult to handle classified information
• Can share more freely without needing authorization

Public-Private Perceptions
• Government moves too slowly, over-classifies
  and narrowly distributes
• Industry can’t protect the shared information and
  doesn’t respond appropriately
• Lack of parity in degree and quality of
  information shared in both directions
• Differing goals and motivation between
  Government and Industry


Different Approach
• NESCO makes every effort to avoid
  duplicating already existing successful
  programs
• NESCO is not…
        –     NERC ES-ISAC, CIPIS
        –     DHS ICSJWG, ICS-CERT
        –     FBI InfraGard
        –     National Lab
        –     Vendor

How Does This Work?
• Sharing requires trust
• Trust is built on relationships
• NESCO fosters trustworthy relationships
        – Bringing people together
        – Flexible technology options to extend and enhance relationships
        – Organic growth; birds of a feather


NESCO Outreach
• NESCO outreach programs
        –     Annual Summit (October 2011, San Diego)
        –     Town Hall Meetings (April 27, Austin)
        –     Voice Of The Industry Meetings (everywhere)
        –     Interest Groups (Workforce
              Development, Forensics, etc)
        –     Webinars, Briefings
        –     Portal/Forums
        –     Email distribution lists
        –     Social media
NESCO Technology
•     Email distribution lists
•     Secure portal with forums
•     Secure instant messaging
•     Rapid notification mechanisms
•     Web collaboration
•     Resource repository
•     Most technologies have non-attribution (anonymous) options
Resource Repository
•     Code snippets
•     IDS/attack signatures
•     Audit templates
•     Reference architectures
•     System configurations
•     Policy, process, procedure templates
•     Compliance practices
•     And more…

Industry Collaboration
•     What works, what doesn’t
•     Informal benchmarking
•     Situational (tactical) awareness
•     Threat and vulnerability analysis
•     Shared/crowd-sourced resources (repository)
•     Mentoring




Case Study: Tactical Aid
• “Over the weekend between 13:00 - 15:00 and
  19:00 - 20:00 PST we saw significant port
  scanning of our edge, originating from;
  60.29.244.11…”
        – Great discussion of port scanning threats
        – Many follow up posts with yes/no indicators
        – Dumps of all activity from source address




Case Study: Night Dragon
• 2.9.11:1400 - McAfee reached out to NESCO with
  pre-release draft of Night Dragon white paper
• 2.9.11:1747 - NESCO staff completed
  analysis, summarized paper and posted to secure
  portal
• 2.10.11:0800 - NESCO & McAfee held joint
  technical call with over 60 attendees across NA
        – Dmitri Alperovitch, McAfee's VP Threat Research
        – Technical talk, answered questions from members
• 2.10.11:1200 - McAfee executive public call
• NESCO utilities were reviewing the report over six
  hours prior to public release
Case Study: DOE Request
• DOE was interested in getting informal “boots on
  the ground” feedback quickly
        – Question: Does an FBI report about a terrorist
          targeting various critical assets help strengthen the
          case for your organization to further improve physical
          or cyber security? Does it help the business case?
• NESCO was able to collect responses without
  attribution and submit a response to DOE in a
  matter of a few days
• DOE stated that this rapid method for informal
  questions and answers is very valuable to them
Case Study: Compliance
• Much initial confusion and uncertainty around
  Regional compliance audits…
        –     What is the auditor disposition?
        –     What was the depth and breadth of questions?
        –     What did they cover?
        –     What failed and what succeeded?
• Conference calls with entities willing to share
• Real stories of audits were shared
• Real documentation was shared

Conclusion
• Unique non-profit, independent, public-private
  information sharing organization
• Focused on building trust through relationships
• Security collaboration, facilitation and sharing
  hub
• Flexible technology facilitates and catalyzes
  information and resource sharing efforts
• Security voice of the electric sector
• Supports existing successful programs
Plug In

http://www.energysec.org/join

Next event is the Town Hall meeting, April 27th, Austin
Topic: Obstacles to Information Sharing
http://www.energysec.org/town-hall-ercot




Questions?


Non-profit. Independent. Trusted.

Patrick C Miller, President and CEO
patrick@energysec.org
503-446-1212

Daniel Lance - What "You've Got Mail" Taught Me About Cyber SecurityDaniel Lance - What "You've Got Mail" Taught Me About Cyber Security
Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security
 
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change ManagementLessons Learned For NERC CIPv5 Compliance & Configuration Change Management
Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management
 
Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWs
 
Wireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of ReachWireless Sensor Networks: Nothing is Out of Reach
Wireless Sensor Networks: Nothing is Out of Reach
 
Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!Please, Come and Hack my SCADA System!
Please, Come and Hack my SCADA System!
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network Architectures
 
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s RoleNERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role
 
Industrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With ScissorsIndustrial Technology Trajectory: Running With Scissors
Industrial Technology Trajectory: Running With Scissors
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
 
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
 
Where Cyber Security Meets Operational Value
Where Cyber Security Meets Operational ValueWhere Cyber Security Meets Operational Value
Where Cyber Security Meets Operational Value
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working Together
 
What the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each OtherWhat the Department of Defense and Energy Sector Can Learn from Each Other
What the Department of Defense and Energy Sector Can Learn from Each Other
 

Kürzlich hochgeladen

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 

Kürzlich hochgeladen (20)

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 

NESCO Overview: Electric Sector Cybersecurity Organization

  • 1. NESCO: A Closer Look
      Patrick C Miller, President and CEO
      March 8 2011
      Spring 2011 AGA/EEI Security Conference
  • 2. History
      • 7/2004: EnergySec founded as E-Sec NW
      • 1/2008: SANS Information Sharing Award
      • 12/2008: Incorporated as EnergySec
      • 10/2009: 501(c)(3) nonprofit determination
      • 4/2010: EnergySec applied for National Electric Sector Cybersecurity Organization (NESCO) FOA
      • 7/2010: NESCO grant award from DOE
      • 10/2010: NESCO became operational
      The National Electric Sector Cybersecurity Organization (NESCO) is a DOE-funded EnergySec Program
  • 3. What Is The NESCO?
      • Mission: Lead a broad-based, public-private partnership to improve electric sector energy systems cyber security; become the security voice of the electric industry
      • Goals:
          – Identify and disseminate common, effective cyber security practices
          – Analyze, monitor and relay infrastructure threat information
          – Focus cybersecurity research and development priorities
          – Work with federal agencies to improve electric sector cyber security
          – Encourage key electric sector supplier and vendor support / interaction
  • 4. Now And Beyond
      • Today: 544 members from 158 organizations
          – 74% of US electric distribution
          – 60% of US electric generation
      • The asset owners are already sharing
      • Challenges
          – Increase and improve asset-owner sharing
          – Establish two-way sharing from the government and vendor segments
  • 5. Infosharing Characteristics
      US Government
          • Deliberate and authoritative
          • Often highly compartmentalized
          • Classifies threats and incidents for CI/KR
          • Holds only some of the relevant information
      Industry
          • Often more ad hoc and much more agile
          • 100% accuracy isn’t always required
          • Difficult to handle classified information
          • Can share more freely without needing authorization
  • 6. Public-Private Perceptions
      • Government moves too slowly, over-classifies and narrowly distributes
      • Industry can’t protect the shared information and doesn’t respond appropriately
      • Lack of parity in degree and quality of information shared in both directions
      • Differing goals and motivation between Government and Industry
  • 7. Different Approach
      • NESCO makes every effort to avoid duplicating already existing successful programs
      • NESCO is not…
          – NERC ES-ISAC, CIPIS
          – DHS ICSJWG, ICS-CERT
          – FBI InfraGard
          – National Lab
          – Vendor
  • 8. How Does This Work?
      • Sharing requires trust
      • Trust is built on relationships
      • NESCO fosters trustworthy relationships
          – Bringing people together
          – Flexible technology options to extend and enhance relationships
          – Organic growth; birds of a feather
  • 9. NESCO Outreach
      • NESCO outreach programs
          – Annual Summit (October 2011, San Diego)
          – Town Hall Meetings (April 27, Austin)
          – Voice Of The Industry Meetings (everywhere)
          – Interest Groups (Workforce Development, Forensics, etc)
          – Webinars, Briefings
          – Portal/Forums
          – Email distribution lists
          – Social media
  • 10. NESCO Technology
      • Email distribution lists
      • Secure portal with forums
      • Secure instant messaging
      • Rapid notification mechanisms
      • Web collaboration
      • Resource repository
      • Most technologies have non-attribution (anonymous) options
  • 11. Resource Repository
      • Code snippets
      • IDS/attack signatures
      • Audit templates
      • Reference architectures
      • System configurations
      • Policy, process, procedure templates
      • Compliance practices
      • And more…
  • 12. Industry Collaboration
      • What works, what doesn’t
      • Informal benchmarking
      • Situational (tactical) awareness
      • Threat and vulnerability analysis
      • Shared/crowd-sourced resources (repository)
      • Mentoring
  • 13. Case Study: Tactical Aid
      • “Over the weekend between 13:00 - 15:00 and 19:00 - 20:00 PST we saw significant port scanning of our edge, originating from; 60.29.244.11…”
          – Great discussion of port scanning threats
          – Many follow up posts with yes/no indicators
          – Dumps of all activity from source address
  • 14. Case Study: Night Dragon
      • 2.9.11:1400 - McAfee reached out to NESCO with pre-release draft of Night Dragon white paper
      • 2.9.11:1747 - NESCO staff completed analysis, summarized paper and posted to secure portal
      • 2.10.11:0800 - NESCO & McAfee held joint technical call with over 60 attendees across NA
          – Dmitri Alperovitch, McAfee's VP Threat Research
          – Technical talk, answered questions from members
      • 2.10.11:1200 - McAfee executive public call
      • NESCO utilities were reviewing the report over six hours prior to public release
  • 15. Case Study: DOE Request
      • DOE was interested in getting informal "boots on the ground" feedback quickly
          – Question: Does an FBI report about a terrorist targeting various critical assets help strengthen the case for your organization to further improve physical or cyber security? Does it help the business case?
      • NESCO was able to collect responses without attribution and submit a response to DOE in a matter of a few days
      • DOE stated that this rapid method for informal questions and answers is very valuable to them
  • 16. Case Study: Compliance
      • Much initial confusion and uncertainty around Regional compliance audits…
          – What is the auditor disposition?
          – What was the depth and breadth of questions?
          – What did they cover?
          – What failed and what succeeded?
      • Conference calls with entities willing to share
      • Real stories of audits were shared
      • Real documentation was shared
  • 17. Conclusion
      • Unique non-profit, independent, public-private information sharing organization
      • Focused on building trust through relationships
      • Security collaboration, facilitation and sharing hub
      • Flexible technology facilitates and catalyzes information and resource sharing efforts
      • Security voice of the electric sector
      • Supports existing successful programs
  • 18. Plug In
      http://www.energysec.org/join
      Next event is the Town Hall meeting, April 27th, Austin
      Topic: Obstacles to Information Sharing
      http://www.energysec.org/town-hall-ercot
  • 19. Questions?
      Non-profit. Independent. Trusted.
      Patrick C Miller, President and CEO
      patrick@energysec.org
      503-446-1212