Knowledge

9/20/2015

Log Management Compliance - NERC CIP - The North American Electric Reliability Corporation

NERC has its own framework to protect bulk power systems against cybersecurity compromises that could result in operational failures or instability. The NERC CIP v5 further addresses cyber-related risks facing this sector by indorsing organizations to categorize BES, Bulk Electric Systems, into high, medium, and low impact. After being categorized, BES assets can have suitable CIP, Critical Infrastructure Protection, standard applied to address risk.

LogIT assists to meet NERC CIP compliance mandates with automation modules for both v3 and v5 to help organizations in working through the transition period. These modules will rationalize your compliance and provide advanced features for monitoring and enforcement, along with delivering content through reporting packages.

LogIT achieve’s NERC CIP Compliance by:

  • Ensuring that the BES operates within the requirements of applicable policies, legislation and regulations.
  • Providing an essential contribution to the qualification of risks to the confidentiality, integrity and availability of information assets provided by BES.
  • Contributing to mandatory reporting and process requirements of NERC CIP.
  • Delivering a real-time feed of information concerning the current status and threats to BES, safeguarding incidents are detected, investigated and remediated.
  • Ensuring that the BES are used within the distinct parameters and are not used for wasteful or unlawful purposes.
  • Enhancing other security countermeasures to offer a complete deep defense approach and facilitate automated responses to threats to bulk electric systems.
  • Our maturity module connects the gap between the NERC CIP compliance platform to leverage cybersecurity and threat intelligence components.

LogIT makes it easy to tailor NERC CIP enforcement to fit any organization’s risk priorities. Simply by adjusting alarm priority to align with at-risk BES components it allows quick prioritizing events, gathering forensic data and implementation remediation efforts to prevent disoperation or instability. It can help ease forensic investigation and incident response activities. LogIT’s risk-based priority system applies risk and threat factor to automatically qualify alarms to ensure our clients can spend time working with even the highest-risk concerns without any fear.

Check out Digital Edge’s Log Management Solution: LogIT, where you can learn how our unparalleled solutions can enforce continuous compliance. To assess your Log Management needs and budget your project, visit our Log Management Assessment tool for your instant quote!

For more information on NERC CIP visit http://www.nerc.com/Pages/default.aspx.

 If you feel that you need assistance from the Digital Edge Security team, please contact us at www.digitaledge.net/contact/.

Michael Petrov
Founder, Chief Executive Officer

Michael brings 30 years of experience as an information architect, optimization specialist and operations’ advisor. His experience includes extensive high-profile project expertise, such as mainframe and client server integration for Mellon Bank, extranet systems for Sumitomo Bank, architecture and processing workflow for alternative investment division of US Bank. Michael possesses advanced knowledge of security standards such as ISO 27001, NIST, SOC and PCI that brings into any solutions delivered by Digital Edge. Security solutions and standards are expended into public cloud such as AWS and Azure.

Was this article helpful?