The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

Richard Brooks's picture
Co-Founder and Lead Software Engineer Reliable Energy Analytics LLC

Inventor of patent pending (16/933161) technology: METHODS FOR VERIFICATION OF SOFTWARE OBJECT AUTHENTICITY AND INTEGRITY and the Software Assurance Guardian™ (SAG ™) Point Man™ (SAG-PM™)...

  • Member since 2018
  • 1,218 items added with 487,957 views
  • Sep 23, 2021 7:30 pm GMT
  • 208 views

Once again NIST and CISA, working in partnership, meet their defined deliverables to meet presidential directives to improve cybersecurity across all critical infrastructure sectors. It's easy to see the alignment and harmony that exists between NIST and CISA in this document. This alignment and harmony were also on full display today during the testimony of CISA Director Jen Easterly at the Senate hearing on National Cybersecurity Strategy: Protection of Federal and Critical Infrastructure Systems. Here are some of my key takeaways from the linked document:

CISA and NIST identified nine categories of recommended cybersecurity practices and used these categories as the foundation for preliminary control system cybersecurity performance goals. Each of the nine goals includes specific objectives that support the deployment and operation of secure control systems that are further organized into baseline and enhanced objectives.
Baseline objectives represent recommended practices for all control system operators while the enhanced objectives include practices for critical infrastructure supporting national defense; critical lifeline sectors (i.e. energy, communications, transportation, and water); or where failure of control systems could have impacts to safety. DHS will coordinate with its interagency and private sector partners to determine the applicability of the enhanced objectives within each sector. In addition to the objectives, Example Evidence of Implementation is provided for each objective to demonstrate what successful implementation of an objective might entail for an organization.

DHS expects to conduct much more extensive stakeholder engagement as the goals are finalized in the coming months.
 

Richard Brooks's picture
Thank Richard for the Post!
Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.
More posts from this member
Discussions
Spell checking: Press the CTRL or COMMAND key then click on the underlined misspelled word.
Steve Lindsay's picture
Steve Lindsay on Sep 23, 2021

Richard - we were glad to see the level of detail and examples in what was issued. I think this is a good step forward for control systems in critical infrastructure.  Looking forward to see how the companies (i.e. utilities) react to this.

-Steve

Richard Brooks's picture
Richard Brooks on Sep 23, 2021

Thanks, Steve. Expect to see more activity from CISA supporting small and medium businesses in the energy sector. Good things are happening with the SMB's. Very encouraging.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »