National Cybersecurity Center of Excellence (NCCoe) - a part of NIST
There’s some cybersecurity news to share coming out of the energy sector.
Waratek, along with a group of companies including Hewlett Packard Enterprise, Siemens, and RSA, worked closely with the National Cybersecurity Center of Excellence (NCCoe), a part of the National Institutes of Standards and Technology (NIST), to develop an example solution for electric companies to alert their staff to potential or actual cyberattacks directed at the grid. The example draft outlines the implementation of this solution and comments from the public are sought until April 17, 2017.
The NCCoE recently released the guide to explore the methods utilities can use to more readily detect and remediate anomalous conditions, investigate the chain of events that led to the anomalies, and share findings with other energy companies. The guide shows how companies can control physical and logical access to resources across the energy sector using standards, best practices, and commercially available products in a step-by-step format.
The draft is available for download on the NCCoE website and public comments are encouraged on this step-by-step guide, which is modular and suitable for organizations of all sizes. It also maps security characteristics to guidance and best practices from NIST and other standards organizations. Remember, the NCCoE is seeking comments on this draft through April 17th.
“Collaborating with stakeholders such as members of industry, technology providers, and integrators to produce viable cybersecurity solutions is key to the NCCoE’s success,” said Jim McCarthy, NCCoE Senior Security Engineer and project lead for NCCoE’s energy sector team. “The Situational Awareness practice guide is another successful example of how these stakeholders engage with NCCoE to produce solutions to real word problems that can be adopted to reduce the level of risk for owners and operators in the Energy Sector.”
The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity challenges.
Better communication tactics lead to faster resolutions.