Brent Castagnetto Manager, Cyber Security Audits & Investigations Team
Brent Castagnetto
Manager, Cyber Security Audits & Investigations Team
CIP v5 Implementation Guidance
CIP v5 Roadshow, Salt Lake City, UT
May 14-15, 2014
Revision History
CIP Implementation Change History Date Description
Implementation Plan Added slide 9 3/7/2014 Added slide describing newly identified Critical Assets
Agenda
• The makeup of CIP v5
• Key dates
• Timeline and date matrix
• V5 Transition Pilot review and next steps
New / Modified CIP Terms
• BES Cyber Asset (BCA)
• Protected Cyber Asset (PCA)
• BES Cyber System (BCS)
• BES Cyber System Information
• CIP Exceptional Circumstance
• Impact Rating Criteria (IRC)
V3 to V5 Facilities Comparison (figure with panels: V3, V5)
Decrypting CIP v5
Decrypting CIP v5
• V5 Format
  o Background section before requirements
  o Requirement and Measurement next to each other
  o Rationale and guidance developed in parallel with Requirements
  o Two posting formats – one with guidance/rationale text boxes inline; other with guidance and rationale text grouped at end
  o Still must audit only to the requirement
  o Guidelines and Technical Basis section at end
Key Dates
• V5 Approval Date November 21, 2013
• V5 Effective Date February 3, 2014
• V5 Initial Compliance Date April 1, 2016
  o Keep in mind the CIP v5 Implementation Plan dates (pages 2-3)
Implementation For Newly Identified Cyber Assets
• During the remainder of the transition period, newly identified assets applicable to the Version 3 based on the “Implementation Plan for Newly Identified Critical Cyber Assets and Newly Registered Entities” may migrate directly to Version 5 applicable standards and requirements.
  o The Registered Entity must follow the timeline established for V3 for assets coming into compliance before V5 effective dates
  o In the event of newly acquired companies or mergers, the Registered Entity shall coordinate with their Region to clarify anticipated compliance dates and expectations during the transition.
• Entities notified by Registered 3rd parties (such as TP, RC, PA) resulting in High or Medium BES Cyber Assets during the transition period have 12-24 months from the time of notification to bring the assets into compliance. The V5 Implementation Plan’s Scenario for Unplanned Changes should be referenced to determine if the notified entity will be on the 12 month or 24 month implementation window.
V5 Implementation for Periodic Requirements
• Initial Performance of Certain Periodic Requirements
  o Specific Version 5 CIP Cyber Security Standards have periodic requirements that contain time parameters for subsequent and recurring iterations of the requirement, such as, but not limited to, “. . . at least once every 15 calendar months . . .”, and responsible entities shall comply initially with those periodic requirements as follows:
V5 Implementation Timeline
V5 Implementation Timeline
CIP v5 Transition Study Pilot Goals
• Address V3 to V5 Transition issues.
• Provide a clear roadmap for V5 steady-state.
• Justify budget for V5 implementation and compliance.
• Foster communication and knowledge sharing.
CIP v5 Transition Study Pilot Elements
Periodic Guidance
• A new transition guidance will be provided after V5 Order
Implementation Study
• 6 entities with strong compliance cultures
• 6-8 month implementation of V5 for certain facilities
• Lessons learned throughout and after study phase
Compliance and Enforcement
• Integration with RAI
• Identify approaches to address IAC alternative processes
Outreach & Communications
• New website created for all Transition Program activity
• http://www.nerc.com/pa/CI/Pages/Transition-Program.aspx
Training
• Quarterly training opportunities will be provided to industry
• V5 Technical Training will be provided at the March 4th CIPC Meeting in St. Louis
References
• V5 Implementation Plan
  o http://www.nerc.com/pa/comp/Resources/ResourcesDL/Cyber%20Security%20Standards%20Transition%20Guidance%20%28Revised%29.pdf
• NERC CIPC Presentation on Transition Guidance
  o http://www.nerc.com/pa/CI/CIPOutreach/CIP%20Training/CIP%20Technical%20Workshop.pdf
Questions?
Brent Castagnetto, CBRM, CBRA, MABR
Manager, Cyber Security Audits & Investigations
O: 801.819.7627
M: [email protected]