A new program aims to increase involvement and enhance collaboration and information sharing between member utilities of The North American Electric Reliability Corporation (NERC) Electricity Information Sharing and Analysis Center (E-ISAC). E-ISAC, in partnership with the Large Public Power Council, began an initiative in January called the Industry Augmentation Program, which invites utility staff for multi-day visits to work with E-ISAC personnel. The Industry Augmentation Program aims to raise awareness of E-ISAC cyber and physical security analysis processes, data protection and the separation from NERC’s compliance functions, provide an avenue for the E-ISAC to receive feedback from industry on tools and communications protocols and strengthen utility security programs and staff expertise. “This program highlights the benefit of multi-directional information sharing between the E-ISAC and industry,” Bill Lawrence, director of the E-ISAC, said.
Update to OE-417
The updated OE-417 form is going through the White House Office of Management and Budget (OMB) review now after two rounds of public comment. Since the updated form is under review, the current version will stay in effect until the new version is approved. DOE will update the website with a message noting the continued use of the current version pending recertification.
experts will come together to share ideas, methods, and techniques for defending control systems. In-depth
presentations and interactive panel discussions will highlight real-world approaches that work and make a difference
for the individuals fighting this fight every day.
March Event - CYBER STRIKE WORKSHOP
The training will offer attendees a hands-on, simulated demonstration of a cyber-attack, drawing from elements of the December 2015 Ukraine cyber incident. The workshop will be conducted by utilizing a series of exercises/labs listed below that workshop attendees will have to work through in teams. Other topics that will be referenced include the North American Electric Reliability Corporation (NERC) alert related to the 2015 Ukraine cyber incident and the applicability of NERC Critical Infrastructure Protection (CIP) reliability standards* for such an incident. However, the primary focus will not be standards, but rather understanding the Ukraine cyber incident from a technical perspective to enhance cyber preparedness.