NERC CIP Compliance
Incorporate all NERC CIP Compliance standards
North American Electric Reliability Corporation (NERC) standards were set to ensure the reliability of the bulk power system in North America. Through their Critical Infrastructure Protection (CIP) standards, NERC has created a guiding framework that reaches across every segment of the power industry-outlining the configuration security benchmarks each entity must meet in order to secure their cyber assets, get compliant, and then stay that way.
Tripwire automates the compliance of the most challenging sections of the CIPs, helps ensure the security of the electronic perimeter, and provides management of critical systems.
Tripwire delivers a comprehensive solution by:
- Automating NERC CIP compliance by rapidly assessing the IT infrastructure and matching current configurations against configurations mandated by NERC's CIP Standards.
- Maintaining continuous NERC CIP compliance by constantly monitoring configurations, alerting IT if a non-compliant change is made and by generating NERC-specific audit artifacts.
- Automating the repair of configurations that intentionally or accidentally fall from secure and compliant states
- Monitoring and logging access at access points
- Mitigating cyber security risks by monitoring and reporting on every change made or attempted.
- Integrating with leading change management systems to detect unauthorized change and non-conforming configurations.
Watch the Tough Issues in the Energy Sector, Video Series
In this video series, Patrick C. Miller, President and CEO of EnergySec, and Sean Sherman, cyber security expert, discuss some of the energy sector's toughest issues.
Compliance Standards in the Utility Industry
The NERC CIPs provides welcome guidance for assuring security and accountability for the grids, but these compliance requirements are agreed to be insufficient. Learn about various challenges the utility industry faces as the standards naturally evolve and sophisticated cyber attacks increase. Then learn some approaches that may help reduce security vulnerabilities and protect critical infrastructure.
View Now
Cultural Clash: An Old Industry vs. IT and Cyber Security
As the grid increasingly relies on new technology in its infrastructure, the old-school operational and physical security mentality tends to clash with the relatively newer IT cyber security culture. Learn about the cultural history of the utilities industry and how these two groups can work together to assure stable, reliable and secure grids.
View Now
Defending Against Stuxnet and Other Cyber Threats
The Stuxnet worm took information security and operations practitioners by surprise by not only targeting specific critical industrial infrastructure, but by also reprogramming programmable logic controllers (PLCs) and covering its tracks. Learn what serious infrastructure vulnerabilities Stuxnet revealed and how it demonstrated the sophistication of today’s cyber attacks.
View Now
Smart Grid and Cyber Security
As utilities increasingly turn to Smart Grid technologies in the hope of augmenting the reliability and security of their systems, they need to consider the impact of regulations, security and costs this may bring. Learn about the issues entities face when they adopt these technologies, and how to mitigate potential risks, identify new vulnerabilities faster, and better protect the critical infrastructure and Smart Grids.
View Now
NERC Resources
To browse more white papers, visit the resource library.
To browse more videos, visit the resource library.
Resource Library
Read, watch or listen to valuable information about Tripwire solutions, customer success stories, IT security and compliance best practices, and more.