SERC Spring CIP Security Webinar
March 1, 2023 8:30 a.m. – 12:30 p.m. Eastern WebEx
SERC is committed to providing training and non-binding guidance to industry stakeholders regarding emerging and revised Reliability Standards. However, compliance depends on a number of factors including the precise language of the Standard, the specific facts and circumstances, and the quality of evidence.
Purpose: CIP Themed discussions will focus on reliability and security of the bulk power system and lessons learned.
• Explain new compliance program developments within the ERO
• Review new or existing CIP standards and audit approaches
• Present examples of good practices by registered entities within the SERC Region
Target Audience: This event will be of interest to CIP-focused technical staff of registered entities responsible for compliance with NERC Reliability Standards.
WebEx Logon Useful Links Questions for SERC Speaker Bios
The agenda allows time for Q&A after each presentation. Therefore, times listed may vary.
Agenda
Wednesday, March 1, 2023
Brian Allen – SERC Manager, CIP Monitoring
8:30 a.m.
Welcome
Rick Dodd – SERC Senior CIP Compliance Specialist
8:40 a.m.
2022 Most violated CIP standards and SERC top risk
9:00 a.m.
CIP Audit Observations
Robert Vaughn – SERC CIP Auditor Matt Stryker – SERC Principal CIP Auditor
Vijay Naik – SERC Senior CIP Auditor Brian Allen – SERC Manager, CIP Monitoring
9:45 a.m.
Early Adoption Strategy for upcoming CIP-004-7 and CIP-011-3 Standards
10:00 a.m.
Break
Jermaine Green – SERC CIP Auditor Greg Hardin – SERC Program Manager, CIP
10:15 a.m.
Exploitation of Baseline and Configuration Change Management
Steven Keller - SERC CIP Auditor Carlos Valiente – SERC Program Manager, Security
10:40 a.m.
Exploitation of Poor Patching and System Account Security
11:00 a.m.
Break
Etinnie Burnett – SERC CIP Auditor Eric Howell – SERC Program Manager, CIP
11:15 a.m.
Ransomware Conversation – Best practices
Meeting CIP004 R4 and R5 Compliance with Innovative Automation and Integration
11:40 a.m.
Audrey Hopkins – Duke Energy Lead Cybersecurity IAM Analyst
12:10 p.m.
Evidence Request Tool Update
Justin Kelly – SERC Senior CIP Engineer
12:25 p.m.
Wrap – Up
Brian Allen – SERC Manager, CIP Monitoring
WebEx Logon
The WebEx session will be recorded. The recording will be posted to the SERC website and will, therefore, become public.
WebEx login information is available through Eventbrite and will also be sent via email to registered attendees by Monday, February 27, 2023.
Participants will be muted upon entry to eliminate background noise. Please send questions through the Chat feature.
IMPORTANT NOTICE: Please note that this WebEx service allows audio and other information sent during the session to be recorded, which may be discoverable in a legal matter. By joining this session, you automatically consent to such recordings. If you do not consent to being recorded, discuss your concerns with the host or do not join the session.
Slido Information: SERC will be making use of Slido to encourage audience engagement as well as the Event Feedback Survey. Please scan the QR code below or go to slido.com #SERC
Useful Links
Topic
Purpose
Registered Entity Forum CIP REF Steering Committee Members O&P REF Steering Committee Members
If you have a question you would like to submit anonymously, you may do so by contacting one of the Registered Entity Forum Steering Committee members.
Resource Library Newsroom
eLearning Modules, COVID-19, Hurricane and Cold Weather Preparedness, Supply Chain Resources. Past and present newsletters.
Events Calendar
Register for SERC’s upcoming outreach events
Acronym List
Industry Acronym Reference Index
Questions for SERC
• Q&A Process • Entity Assistance Topic
• General inquiries / FAQ • Seminar & Webinar Topic Suggestions • Media inquiries
Support@serc1.org
• SERC Membership • SERC Committees • SERC Compliance & Committee Portal / Committee related issues
• Registration and Certification Issues
• Compliance monitoring methods:
  o Self-Certification
  o Self-Report submittals
  o Compliance data submittals
• Enforcement and Mitigation
  o Mitigation Plan submittals
• SERC Compliance & Committee Portal - Compliance related issues
SERCComply@serc1.org
• Reliability Assessment data reporting • Reliability Assessment forms • Annual Voting Rights • Reliability Data Reporting Portal
RAStaff@serc1.org
• Industry Subject Matter Expert (ISME) Program • Submitting an ISME application
ISME@serc1.org
• Situational Awareness • Events Analysis
SAEA@serc1.org
Speaker Biographies
Brian Allen - SERC Brian joined SERC Reliability Corporation in September 2021 as Manager, CIP Monitoring.
Brian served as a CIP Assurance Advisor in the NERC Grid Assurance group. In this position, Brian worked with the Assurance Team to provide oversight, guidance, and coordination in managing programs and processes to monitor, review, and evaluate program effectiveness of the Electric Reliability Organization (ERO) Enterprise implementation of risk-based compliance monitoring and adherence to the NERC Rules of Procedure, Compliance Monitoring and Enforcement Program, and approved delegation agreements. Brian joined the NERC CIP Assurance team in January 2019. Prior to NERC, Brian served as a Cyber Security Specialist at Georgia Systems Operation Corporation. In this role, Brian worked within Security Operations focusing on governance, risk, and compliance of the CIP Program.
Rick Dodd – SERC Rick Dodd has over 41 years management and technical experience in all aspects of IT and Information Security along with more than 14 years specializing in Critical Infrastructure Protection within the electric utility industry. Rick joined SERC as a Senior CIP Compliance Specialist within the Risk Assessment and Mitigation (RAM) team on July 1, 2019, and prior to that was with the former FRCC Regional Entity since January 1, 2013. His current responsibilities include assessing overall Registered Entity risk and working with Entities to review, accept, track, and verify their noncompliance activity and associated Mitigation Plans pertaining to issues or violations of NERC Reliability Standards. Prior to joining FRCC, he was a senior member of the DYONYX Energy Practice Team for 5 years, participating on NERC working groups and numerous client engagements relevant to the CIP Reliability Standard and NEI 08-09 including many engagements at Registered Entities throughout the continental US and Canada. During his 26-year tenure with Verizon Data Services, he also managed an Information Security team of more than 30 employees. He brings demonstrated expertise in gathering business requirements, business process analysis, setting policies and standards, trouble shooting, tuning, and system evaluation. His wide versatility in multiple computing environments, with a strong understanding of object-oriented technologies, web services and workflow technologies, complements the needs of the team. He has directed and participated in the selection of hardware and software, building proof-of-concept/pilot projects aiding in deployment of enterprise-wide systems. Rick is a Certified Information Systems Security Professional (CISSP), and holds a Master of Science in Computer Information Systems (MSCIS), a Master of Business Administration (MBA), and a Bachelor of Science in Professional Management from Nova Southeastern University, Ft. Lauderdale, FL.
Robert Vaughn - SERC Robert Vaughn joined SERC in April of 2018. Prior to joining SERC Robert was a Senior Compliance Auditor for the Southwest Power Pool Regional Entity (SPPRE) for three years. Prior to joining the SPPRE, Robert was a Senior IT Auditor for the Windstream Communications Internal Audit Team for 3 years where he focused on Sarbanes-Oxley (SOX) IT risk areas. Robert acquired a Bachelor of Science degree in Computer Information Systems with Quantitative Analysis from the University of Arkansas Fayetteville in 1998. Robert is also a Certified Information Systems Auditor (CISA).
Matt Stryker - SERC Matt joined the CIP Compliance audit team at SERC Reliability Corporation in January 2019.
Previously, Matt Stryker was a Supervisor of CIP with Georgia System Operations Corporation (GSOC) in Tucker, Georgia. He worked in the Security Operations department on both physical and electronic security processes in support of Georgia Transmission (GTC) and GSOC’s compliance with the NERC CIP Reliability Standards. Mr. Stryker performed similar roles as a Group Lead of CIP for Georgia Transmission Corporation (GTC) since 2012. Previously, Mr. Stryker held positions as a Senior CIP Compliance Auditor and later as the Manager of CIP Compliance Monitoring at SERC Reliability Corporation. He served as an Audit Team Lead or team member during audits of compliance with NERC Reliability Standards in the SERC Region. Matt has more than 15 years of security experience in asset management, physical security, network operations, and compliance. Matt holds the ASIS Physical Security Professional (PSP) and the ISC2 Certified Information Systems Security Professional (CISSP) certifications. Matt holds a Bachelor of Science degree in Management from Georgia Tech.
Vijay Naik - SERC Vijay joined the CIP Compliance audit team at SERC Reliability Corporation in January 2019. Previously, Vijay joined the Georgia System Operations Corporation (GSOC) in 2014 as Principal Engineer – Security & compliance. While at GSOC, he worked in the areas of Cyber Security, audit & compliance, System administration. Vijay has more than 19 years of information technology experience in system/threat intelligence, network infrastructure monitoring and compliance. Vijay holds a number of certifications, including: Certified Information Systems Security Professional (CISSP), Cisco Certified Network Associate (CCNA), Certified Information Security Manager (CISM), and Internal Control Certificate (COSO). Vijay holds a Bachelor of Computer Science degree.
Jermaine Green - SERC Jermaine joined the Critical Infrastructure Protection (CIP) Audit Team at SERC Reliability Corporation in April 2022. Previously, Jermaine served as a Senior Firewall Analyst, Compliance, at Duke Energy. In this role, Jermaine ensured the firewall environment continued to meet NERC CIP Standards through process creation/evaluation, technical assessment, and maintenance of controls. Prior to Duke Energy, Jermaine served as a network engineer at an internet service provider (ISP) and private cloud datacenter. In these positions, Jermaine exemplified a growth mind-state, competence, and integrity. Earned credentials include: (ISC)² CISSP, CCNA R/S, CCNA Cyber Ops, ITIL V3, PCNSE, CompTIA A+, CompTIA Security+, and CompTIA Network+.
Greg Hardin - SERC
Gregory Hardin joined the Risk Assessment and Mitigation (RAM) team at SERC Reliability Corporation in April 2020 as a CIP Compliance Specialist, and now has the title of Program Manager, Critical Information Protection. Previously, Greg was a Senior Security Consultant with Network and Security Technologies (N&ST) and provided entities with assistance in NERC CIP program/mitigation plan development and performed vulnerability assessments within multiple regions (NPCC, RF, SERC, MRO, WECC). Prior to becoming a consultant, Greg was a Senior Information Technology Technician at SERC (2012) and provided infrastructure and application support. During this time, Greg also aided the CIP audit team as a technical team lead. Greg has more than 11 years of security experience in asset management, physical security, network operations, compliance, and more than 20 years of experience in IT infrastructure/application support. Greg holds the ISC2 Certified Information Systems Security Professional (CISSP), ISACA Certified in Risk and Information Systems Control (CRISC), EC-Council Certified Ethical Hacker (CEH)/Certified Hacking Forensic Investigator (CHFI) and Microsoft Certified System Engineer (MCSE) certifications. Greg holds a Bachelor of Science degree in Information Management – UNCC and a Master of Science degree in Cyber Security and Information Assurance – WGU. Greg is also a veteran of 11 years’ service with the United States Air Force/Air National Guard.
Steven Keller - SERC Steven Keller joined the CIP Compliance Audit team at SERC Reliability Corporation in September 2022.
Previously, Steven Keller was a Lead CIP Compliance Specialist with Southwest Power Pool (SPP) in Little Rock, Arkansas. He worked in the Compliance department on both physical and electronic security processes in support of Southwest Power Pool’s compliance with the NERC CIP Reliability Standards. Previously, Steven held a position as a Lead CIP Compliance Auditor at Southwest Power Pool Regional Entity (SPPRE) in their CIP Compliance Monitoring department. He served as an Audit Team Lead or team member during audits of compliance with NERC Reliability Standards in the SPPRE Region. Steven has more than 15 years of security experience in asset management, physical security, network operations, and compliance. Steven holds the Certified Information Systems Auditor (CISA) certification and Certified in Risk and Information Systems Control (CRISC) and the ISC2 Certified Information Systems Security Professional (CISSP) certifications. Steven holds a Bachelor of Science degree in Accounting and Bachelor in Business Administration in Finance and Computer Information Systems from University of Arkansas at Little Rock.
Carlos Valiente - SERC Carlos joined the CIP Compliance audit team at SERC Reliability Corporation in July 2018. He is currently the Program Manager, Security. Previously, Carlos joined the NERC ERO at FRCC in 2011. While at FRCC, he managed and coordinated the Critical Infrastructure Protection (CIP) Compliance Program that monitors and enforces compliance with NERC CIP Reliability Standards. Carlos has more than 30 years of information technology experience in operating systems and network operations specializing in cybersecurity and compliance. He has led and managed global IT information security, compliance, and risk management programs for NERC Regional Entities and PricewaterhouseCoopers, as well as other Fortune 500 companies. Carlos holds a number of certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT). In addition, he is a Global ISO 27001 Lead Auditor and a NERC CIP Lead Auditor. A longtime resident of Florida, Carlos holds a Bachelor of Arts degree in Management of Information Systems (MIS) from the University of South Florida.
Etinnie Burnett - SERC Etinnie joined the Critical Infrastructure Protection (CIP) audit team at SERC Reliability Corporation in August 2022.
Previously, Etinnie Burnett served as Lead Cybersecurity Analyst in the Duke Energy generation security team. In this role, he manages the planning, design, testing, implementation, and maintenance of firewalls for generating sites across the Midwest and Southeast regions. Implemented firewall rule change management process to maintain network security. Maintain and update documentation of physical and cyber security for generating sites. Prior, Etinnie served as NERC CIP Technical Resource for Emersion Process MGMT Power & Water to support Duke Energy's implementation of NERC CIP version 5. As a team member, he worked to develop and implement information security per NERC CIP guidelines. Etinnie is a retired veteran, having served 20 years in the United States Navy. Stationed in the US and Asia, Etinnie has worked in technology for most of his naval career. He has extensive experience in systems networking and server management, including Global Command and Control System-Maritime servers, managed support services such as Naval Computer and Telecommunications Station Far East, and managed all information Security (INFOSEC) matters in compliance with governing directives and instructions.
Justin Kelly - SERC In September 2019, Justin joined SERC Reliability Corporation as a Senior CIP Auditor. In September 2021, Justin joined the Risk Assessment and Mitigation group as a Senior CIP Engineer. Previously, Justin Kelly was an Electrical Engineer with the Federal Energy Regulatory Commission in Washington, DC. He was a sub-team lead for both CIP Version 5 and CIP-014 FERC-led audits. Justin has also been involved in monitoring Standard Drafting Teams, drafting FERC Orders, reviewing CIP related sanctions filed or posted by NERC, and observing regional entity audits. He primarily focused on CIP Reliability Standards during his time at FERC, but also was a technical team lead for Geomagnetic Disturbance and Electromagnetic Pulse research and standards projects. Justin received a Master of Science in Electrical Engineering degree from Virginia Polytechnic and State University in 2009. He is a licensed Professional Engineer (PE) in the state of Maryland and is a Certified Information System Security Professional (CISSP).
Eric Howell - SERC Eric Howell is the SERC Program Manager, Critical Infrastructure Protection, responsible for the SERC CIPC including the Physical Security Subcommittee and the CIP Tools Working Group. Eric came to SERC from Georgia Systems Operation (GASOC) where he was responsible for designing and supporting the CIP infrastructure and compliance that encompassed the Energy Management Systems (EMS) monitoring and controlling the grid resources for Georgia Transmission, Oglethorpe Power and their member coops. He has also designed and implemented interfacing and communications for GE turbines around the world allowing them to communicate with the Monitoring and Diagnostic Center in Atlanta, GA. Over his career he has had the opportunity to work in many industries including teaching the hardware, software and physics of Magnetic Resonance Imaging. He has designed and implemented network and computer infrastructures for financial processing companies, heavy equipment manufacturing companies, communications companies, and international governments. Throughout his career Eric has had the opportunity to work with and interact with people and cultures around the world as he brought technology to organizations and taught the skills to maintain this technology.
Audrey Hopkins - Duke Energy Audrey Hopkins has 33 years’ experience in IT within the utility industry. She started as an internal IT auditor then moved into IT applications leading teams on the customer billing system and security administration before finding a home in the NERC CIP space. Now, she leads a functional team that supports Duke Energy’s NERC CIP identity and access management application. She is the Product Owner for that application and helped develop it under the Agile/ Scrum methodology at Duke. She represented Duke as the SME for CIP-004 R4 and R5 during their most recent audit of that standard. She holds a master’s degree in Cyber Security and a bachelor’s degree in Management Information Systems from the University of South Florida. She is a certified CISA, CIA, PMP, Scrum Product Owner and Scrum Master. She has two grown children and while she waits for grandchildren she dotes on her two dogs, Bella and Clyde who are “60% Chihuahua and 12 other things”. In her spare time, she likes to read, knit, cook, do crosswords and RV.
Thank You
ADDITIONAL INFORMATION Questions concerning registration and meeting content - Lynn Black