The Electricity Information Sharing and Analysis Center’s (E-ISAC) Long-Term Strategic Plan has three primary focus areas—Engagement, Information Sharing, and Analysis—and embraces the following ongoing needs: review priorities under each focus area, ensure alignment between priorities, optimize resource allocation, and develop, refine, and track metrics to measure progress.
In 2019, the E-ISAC took steps to improve the efficiency of operations and prioritize higher impact activities. The E-ISAC strengthened its leadership and security operations and reorganized to align and optimize cyber and physical security teams as part of an integrated watch operations team. The E-ISAC also focused on developing Portal postings and products that offer greater context and more actionable information. In addition, the E-ISAC created a performance management group to oversee the implementation of process improvements, technology, and metrics to improve the quality, timeliness, and value of information sharing, data management, and analysis.
This plan provides updates to reflect those improvements and identifies near- and long-term focus areas.
Russia leads as countries begin migration from Windows to Linux
Russia, China, and South Korea are all migrating from Windows to Linux. Russia and China cite security concerns while South Korea cites cost reduction.
Top phishing subject lines
Personal web data removal workbook
The E-ISAC Physical Security Analysis Team in coordination with the Physical Security Advisory Group has developed the attached Copper Theft Prevention White Paper using insight from industry experts, as well as open source resources. This paper aims to provide copper theft prevention best practices and lessons learned that asset owners and operators (AOOs) have implemented sucessfully in North America. Please feel free to submit any additional prevention and mitigation techniques to firstname.lastname@example.org for future updates.
The April 2013 sniper attack on Pacific Gas and Electric’s Metcalf substation has been described as a “wake-up call” or an alarm for the electric utility industry to apply closer scrutiny to the vulnerability of key infrastructure to various kinds of attack – whether physical, as in the Metcalf shooting, or in the form of cyber-attacks that might impair physical operations.
The white paper goes into detailed discussion of three major topics. The first is about identifying a process for the prioritization of strategic electrical facilities and determining appropriate security measures or approaches to ensuring resiliency of the system. The second discusses establishing practices for the exchange of highly-confidential or “sensitive” information between utilities and the Commission. The last topic goes into confirming whether existing incident reporting requirements are adequate. These three subject areas are examined with an eye toward ensuring appropriate regulatory oversight of jurisdictional utility operational performance, and providing a mechanism for entities not subject to CPUC ratemaking authority to identify their own most appropriate measures.
The Department of Homeland Security (DHS)/National Protection and Programs Directorate (NPPD)/Office of Cyber and Infrastructure Analysis (OCIA) assesses that unmanned aircraft systems (UASs) provide malicious actors an additional method of gaining undetected proximity to networks and equipment within critical infrastructure sectors. Malicious actors could use this increased proximity to exploit unsecured wireless systems and exfiltrate information. Malicious actors could also exploit vulnerabilities within UASs and UAS supply chains to compromise UASs belonging to critical infrastructure operators and disrupt or interfere with legitimate UAS operations.
On August 10-14, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) conducted Cyber Storm 2020 (CS 2020), the seventh iteration of the national capstone cyber exercise that brings together the public and private sectors to simulate response to a cyber crisis impacting the Nation’s critical infrastructure.
Cyber Storm exercises are part of CISA’s ongoing efforts to assess and strengthen cyber preparedness and examine incident response processes. The exercise findings contribute to safeguarding the Nation’s security and cyber infrastructure by identifying ways to strengthen coordinated incident response along the whole-of-Nation approach outlined in the National Cyber Incident Response Plan (NCIRP).
CISA sponsors the exercise series to improve capabilities of the cyber incident response community, encourage the advancement of public-private partnerships within the critical infrastructure sectors, and strengthen the relationship between the Federal Government and its government partners at the state, local, and international levels.
The goal of Cyber Yankee 2019 was to continue the successful execution of a realistic cyber exercise for Army National Guard Defensive Cyberspace Operations Elements (DCOE) and other Cyber units to further train and apply their skills as cyber defenders. This year, we also integrated the several agencies from the State of New Hampshire, the 229th COS, additional legal support, and elements of the 91st Cyber Brigade. Exercise planners used lessons learned from Cyber Yankee 2015-2018 to improve the exercise. The exercise focused on developing strong collaboration across all of the New England Cyber elements, state, and federal government partners in cyber defense. Cyber Yankee ’19 was part of the Federal Emergency Management Agency (FEMA) National Exercise Program.
The end state was continued development of a more robust capacity and capability for the Defensive Cyberspace Operations Elements and other Guard and Reserve cyber units in the New England states as well as a growth in partnerships across multiple levels of government throughout the region. Conducting the exercise at the unclassified level (leveraging open source intelligence information) ensured maximum relevant and current training for all government and non-government participants.
Throughout 2016, the E-ISAC collected, analyzed, and shared information on physical and cyber security issues, and this report is a review of the main issues covered over the year. The information came from open source reporting, electricity members, and federal partners and includes the E-ISAC's analytical summary of those collective reports. This report looks at how the E-ISAC may further identify trends and patterns benefitting members.
The E-ISAC Brochure describes the products and services provided to asset owners and operators and select government and cross-sector partners in North America.
The brochure is intended to provide potential E-ISAC Portal members an overview of the benefits of joining the E-ISAC Portal, what types of information to share, and how to share with the E-ISAC.