cip violation data trends 2012 2015
play

CIP Violation Data Trends 2012-2015 Deandra Williams-Lewis - PowerPoint PPT Presentation

Feb 03, 2023 •25 likes •175 views

CIP Violation Data Trends 2012-2015 Deandra Williams-Lewis Violation Volume Decreasing CIP Violations by Deemed Date 2015 53 2014 92 2013 91 2012 153 2011 165 2010 259 0 50 100 150 200 250 300 2010: Mandatory Compliance

  1. CIP Violation Data Trends 2012-2015 Deandra Williams-Lewis

  2. Violation Volume Decreasing CIP Violations by Deemed Date 2015 53 2014 92 2013 91 2012 153 2011 165 2010 259 0 50 100 150 200 250 300  2010: Mandatory Compliance for all CIP Standards Begins; RF commences full scope audits; Entities at beginning stages of CIP implementation  2015: Maturation of CIP programs; Increased use of automated tools; increased outreach Forward Together • ReliabilityFirst

  3. Majority of Violations are Self-Reported  Larger Entities Drive Volume of Self-Reports  Two audit outliers in 2014 responsible for 92 of 117 audit violations, otherwise steady downward trend Forward Together • ReliabilityFirst

  4. Volume Driven by High-Frequency Conduct  Requirements concerning “high-frequency conduct” drive volume CIP-004, R4 ( access: lists for cyber access and physical access; revoking privileges) CIP-006, R1 ( physical security of critical cyber assets: physical access logging) CIP-007, R5 ( account management: passwords and access lists)  These violations tend to be self-reported and pose a lesser risk  However, can be indicative of systemic issues Forward Together • ReliabilityFirst

  5. Detection and Reporting Duration Impovement  Decrease between Deemed and Reporting Dates  Average 317 decrease in days (trending downward) * Includes noncompliance start date, time to identify, assess, correct, and then report 5 Forward Together • ReliabilityFirst

  6. Improved Risk Posture  Year-over-year decrease in severity  75% of CIP violations are Minimal to Moderate risk  9% of CIP violations are serious risk • implementation issues • culture and programmatic issues Forward Together • ReliabilityFirst

  7. Volume Driven by Larger Entities  Larger entities have experienced initial implementation challenges  More assets, business units, and people = more challenges • 100% of serious risk issues concern larger entities • 93.3% of audit findings concern larger entities • 79.8% of all violations driven by large entities  CIP Themes Report: identified and shared common themes 7 Forward Together • ReliabilityFirst

  8. Observations  Possible Drivers of Positive Trending • Maturation (both RF and Entities) • Active Monitoring and Enforcement • Trending, Analytics, and Sharing ‒ Assist Visits and Outreach ‒ CIP Themes Report ‒ Case Study Outreach  Remain Vigilant – Moving Target  Dynamic Regulatory Approach ‒ Focus on continuous improvement ‒ Violations not always indicative of security state • Volume can indicate strong detective controls or weak preventative/corrective controls • Paper compliance does not equal security 8 Forward Together • ReliabilityFirst

  9. Common CIP Themes Patrick O’Connor

  10. Purpose of CIP Themes Report  IDENTIFY • Common themes underlying systemic CIP violations. • Possible resolutions ‒ Not directive because “one size does not fit all” • Based on RF’s observations through years of compliance monitoring and enforcement activities ‒ Collaborated with entities that dealt with higher risk CIP Violations ‒ In coordination with NERC  COMMUNICATE • Raise awareness and prevent recurrence ‒ Report available on RF’s website 10 Forward Together • ReliabilityFirst

  11. The Identified CIP Themes 11 Forward Together • ReliabilityFirst

  12. Scenario #1  Entity implemented tools to monitor its account usage. • Entity did not configure these properly, causing voluminous logs that could not be meaningfully digested.  Entity implemented tool to automatically generate revocation notices. • Responsible employee did not review notifications and thus did not perform necessary revocations. 12 Forward Together • ReliabilityFirst

  13. Scenario #2  Entity utilized a vendor’s asset management system. • Protecting Critical Cyber Asset Information was not considered nor mentioned in the vendor contract.  Entity contracted with vendor to provide security patch management. • Vendor did not provide entity with timely assessments of patch releases. 13 Forward Together • ReliabilityFirst

  14. Scenario # 3  Entity used its mirrored-back-up  Entity permitted compromised data center constituted as its assets to communicate freely disaster recovery data center. with command and control server. • Entity did not understand that corruption of the main data center • Entity did not understand firewall would promptly result in a commands (“permit any any” on corrupted back-up data center. outbound traffic). 14 Forward Together • ReliabilityFirst

  15. Questions & Answers Forward Together ReliabilityFirst 15 Forward Together • ReliabilityFirst

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Business Trends for the U.S. Defense Enterprise $700 Declining Revenue Trends $600 PB 2012 PB

Business Trends for the U.S. Defense Enterprise $700 Declining Revenue Trends $600 PB 2012 PB

Business Trends for the U.S. Defense Enterprise $700 Declining Revenue Trends $600 PB 2012 PB 2013 PB 2016 PB 2014 $500 PB 2015 Actuals $Billion, TY $400 Ten-Year s (FY12-23) PB12 to PB13: - $500B $300 PB13 to PB14: - $80B

276 views • 8 slides
Lepton flavour violation: a phenomenological overview Ana M. Teixeira Laboratoire de Physique

Lepton flavour violation: a phenomenological overview Ana M. Teixeira Laboratoire de Physique

Lepton flavour violation: a phenomenological overview Ana M. Teixeira Laboratoire de Physique Corpusculaire, LPC Clermont What is ? INVISIBLES 2012 GGI, Firenze, 26 June 2012 Lepton Flavour Violation: LFV@2012 What

405 views • 40 slides
Pulsar Realtime Analytics At Scale Tony Ng April 14, 2015 Big Data Trends Bigger data

Pulsar Realtime Analytics At Scale Tony Ng April 14, 2015 Big Data Trends Bigger data

Pulsar Realtime Analytics At Scale Tony Ng April 14, 2015 Big Data Trends Bigger data volumes More data sources DBs, logs, behavioral & business event streams, sensors Faster analysis Next day to hours to minutes to

496 views • 24 slides
Trends in Data Security and Privacy Li7ga7on and Insurance 2015 Verizon Data Breach Report

Trends in Data Security and Privacy Li7ga7on and Insurance 2015 Verizon Data Breach Report

4/16/16 Trends in Data Security and Privacy Li7ga7on and Insurance 2015 Verizon Data Breach Report 79,790 security incidents 2,122 confirmed data breaches Top industries affected: Public, Informa7on, and Financial Services (same as

181 views • 14 slides
28 th May 2015 Why are we here? Source: ONS 2012-Based National Population Projections 10,000

28 th May 2015 Why are we here? Source: ONS 2012-Based National Population Projections 10,000

Financial Services and the Privatisation of Risk Trajectory Trends Breakfast 28 th May 2015 Why are we here? Source: ONS 2012-Based National Population Projections 10,000 15,000 20,000 25,000 30,000 5,000 0 2012 12,280 2013 2014 2015

700 views • 34 slides
500 Lives October 2015 Mark Juniper 500 lives calculation: 2012 to 2015 Mortality Trends

500 Lives October 2015 Mark Juniper 500 lives calculation: 2012 to 2015 Mortality Trends

500 Lives October 2015 Mark Juniper 500 lives calculation: 2012 to 2015 Mortality Trends - Actual & HSMR 140 130 120 110 100 90 80 70 60 Apr-12 May-12 Jun-12 Jul-12 Aug-12 Sep-12 Oct-12 Nov-12 Dec-12 Jan-13 Feb-13

420 views • 7 slides
0 mixing D 0 D mixing in D 0 meson system considerably smaller than in K 0 , B 0 0 y | D 0

0 mixing D 0 D mixing in D 0 meson system considerably smaller than in K 0 , B 0 0 y | D 0

BELLE SEARCH FOR CP VIOLATION IN D 0 KK , , K AND D 0 0 0 Tara Nanut on behalf of the Belle Collaboration 7th International Workshop on Charm Physics May 2015 1 { 17 Search for CP violation in D 0 KK , , K and D 0

928 views • 17 slides
Oral Care Trends 2012 Key Trends 2 2 Innovation keeps consumers interested and intrigued, and

Oral Care Trends 2012 Key Trends 2 2 Innovation keeps consumers interested and intrigued, and

Oral Care Trends 2012 Key Trends 2 2 Innovation keeps consumers interested and intrigued, and drives desire. Credible product development within brands can support huge growth Apple being a fine example of this. A constant stream of new

724 views • 35 slides
Overview Accident Trends Global / Asia Pacific Five Year Summary / 2012 Flight Data

Overview Accident Trends Global / Asia Pacific Five Year Summary / 2012 Flight Data

Flight Data Exchange A Global Approach to Local Risks Tony Houston Assistant Director Safety IATA Asia Pacific Overview Accident Trends Global / Asia Pacific Five Year Summary / 2012 Flight Data Aviations most important safety

673 views • 34 slides
The Statistics of Dirty Data Sanjay Krishnan coax treasure out of messy, unstructured data 204

The Statistics of Dirty Data Sanjay Krishnan coax treasure out of messy, unstructured data 204

The Statistics of Dirty Data Sanjay Krishnan coax treasure out of messy, unstructured data 204 papers since 2012 in VLDB, ICDE, SIGMOD ( dirty data ) The Database Perspective Dirty data is a violation of constraints on a table. Data

961 views • 57 slides
Building on Trends in Citrus in North America ICBC - 2014 FlavourVision TM 2012 Beverage Trends

Building on Trends in Citrus in North America ICBC - 2014 FlavourVision TM 2012 Beverage Trends

Building on Trends in Citrus in North America ICBC - 2014 FlavourVision TM 2012 Beverage Trends FlavourVision TM 2013 Beverage Trends Signature Happy Excited All Family Refreshing All American Honey Simpler Labels Kids Arnold Palmer

202 views • 19 slides
CP violation in h Z UMass Amherst May 2, 2015 Marco Farina Cornell University First

CP violation in h Z UMass Amherst May 2, 2015 Marco Farina Cornell University First

CP violation in h Z UMass Amherst May 2, 2015 Marco Farina Cornell University First look The Higgs looks quite SM like PDG Review (Nov 2013) Introduction How well at the end of LHC? Snowmass Higgs Working Group Report 1310.8361

282 views • 25 slides
CULTURAL ACCESS September 18, 2015 Trends Regulatory Non-regulatory The Future

CULTURAL ACCESS September 18, 2015 Trends Regulatory Non-regulatory The Future

9/21/2015 TRENDS IN CULTURAL ACCESS September 18, 2015 Trends Regulatory Non-regulatory The Future Trends Regulatory 1 9/21/2015 2010 Revised ADA Regulations 1. Service Animal 2. Mobility Device 3. Ticketing 4. 2010 Standards 5.

359 views • 6 slides
General Relativity Dr Mark Hadley Parity Violation. The biggest scientific blunder of the 20

General Relativity Dr Mark Hadley Parity Violation. The biggest scientific blunder of the 20

Explaining CP violation using General Relativity Dr Mark Hadley Parity Violation. The biggest scientific blunder of the 20 th century Plan Motivation Parity and Parity violation a fresh look CP violation a brief look

459 views • 34 slides
2017 BUDGET PRESENTATION GENERAL FINANCIAL DATA AND TRENDS Don Coppock 1 RETAIL ELECTRIC SALES

2017 BUDGET PRESENTATION GENERAL FINANCIAL DATA AND TRENDS Don Coppock 1 RETAIL ELECTRIC SALES

2017 BUDGET PRESENTATION GENERAL FINANCIAL DATA AND TRENDS Don Coppock 1 RETAIL ELECTRIC SALES $50,000,000 $40,000,000 $30,000,000 $20,000,000 $10,000,000 2012 Actuals 2013 Actuals 2014 Actuals 2015 Actuals 2016 Projected 2017

501 views • 35 slides
E-TRENDS ARABNET 2014 IYAD KAMAL IY AD@ ARAMEX.COM IY AD KAMAL @ IY ADKAM E-TRENDS

E-TRENDS ARABNET 2014 IYAD KAMAL IY AD@ ARAMEX.COM IY AD KAMAL @ IY ADKAM E-TRENDS

E-TRENDS ARABNET 2014 IYAD KAMAL IY AD@ ARAMEX.COM IY AD KAMAL @ IY ADKAM E-TRENDS BUSINESS TRENDS P AYMENTS RETURNS SOCIAL TRENDS LAST MILE SOLUTION BUSINESS TRENDS THE MIXER E-TRENDS INCLUDE MIXED DATA FROM : SHOP AND SHIP

925 views • 28 slides
FY 21-26 Preliminary Recommended CIP and FY 21 Bond Authorization January 16, 2020 Preliminary

FY 21-26 Preliminary Recommended CIP and FY 21 Bond Authorization January 16, 2020 Preliminary

FY 21-26 Preliminary Recommended CIP and FY 21 Bond Authorization January 16, 2020 Preliminary Recommended Community Investment Plan (CIP) FY 21-26 What is the Preliminary Recommended CIP? A first look Fiscally feasible

670 views • 44 slides
BARNES ROFFE LLP MAKING TAX DIGITAL CLOUD ACCOUNTING & COMPLIANCE 25 OCTOBER 2018 BARNES

BARNES ROFFE LLP MAKING TAX DIGITAL CLOUD ACCOUNTING & COMPLIANCE 25 OCTOBER 2018 BARNES

BARNES ROFFE LLP MAKING TAX DIGITAL CLOUD ACCOUNTING & COMPLIANCE 25 OCTOBER 2018 BARNES ROFFE LLP KEITH MASON CHRIS WATSON BSc FCA CTA AAT ACCA Partner Accounting Services BARNES ROFFE LLP KEITH MASON BSc FCA CTA Partner

549 views • 52 slides
Serica Acquisition of BP Interests in Bruce, Keith and Rhum fields PROJECT LAVAL PRESENTATION

Serica Acquisition of BP Interests in Bruce, Keith and Rhum fields PROJECT LAVAL PRESENTATION

Serica Acquisition of BP Interests in Bruce, Keith and Rhum fields PROJECT LAVAL PRESENTATION November 2017 NOVEMBER 2017 A Transformational Acquisition for Serica Serica to purchase BP interests in the Bruce (36%), Keith (34.83%) and Rhum

546 views • 26 slides
June 10-11, 2020 GoTo Webinar Welcome, Introductions & Agenda Chris Craig Introductions

June 10-11, 2020 GoTo Webinar Welcome, Introductions & Agenda Chris Craig Introductions

June 10-11, 2020 GoTo Webinar Welcome, Introductions & Agenda Chris Craig Introductions Name Agency/organization Agenda DAY 1 DAY 2 Breakout Session: Occupant Breakout Session: Law Protect for Children Enforcement

450 views • 15 slides
2021 2026 CIP C APITAL B UDGET P RESENTATION P EDESTRIAN A DVISORY C OMMITTEE J ULY 2020 P

2021 2026 CIP C APITAL B UDGET P RESENTATION P EDESTRIAN A DVISORY C OMMITTEE J ULY 2020 P

CITY OF MINNEAPOLIS 2021 2026 CIP C APITAL B UDGET P RESENTATION P EDESTRIAN A DVISORY C OMMITTEE J ULY 2020 P UBLIC W ORKS T RANSPORTATION P LANNING AND P ROGRAMMING M IKE S AMUELSON , T RANSPORTATION P LANNER 1 N ATHAN K OSTER , T

325 views • 29 slides
Cape Elizabeth School District School Bond Proposal Presentation to Town Council January 28,

Cape Elizabeth School District School Bond Proposal Presentation to Town Council January 28,

Cape Elizabeth School District School Bond Proposal Presentation to Town Council January 28, 2014 December 8, 2014 (updates in red) 1 Community Expectations Our school buildings are a significant community-wide investment and the

503 views • 13 slides
Capital Improvement Plan (CIP) June 7, 2018 1 Follow the School Boards CIP Process

Capital Improvement Plan (CIP) June 7, 2018 1 Follow the School Boards CIP Process

School Boards Proposed 2019 -28 Capital Improvement Plan (CIP) June 7, 2018 1 Follow the School Boards CIP Process Information about the CIP: apsva.us/engage/cip_fy19-28/ Website includes: CIP background Timeline (with

847 views • 27 slides
Capital Improvement Program (CIP) July 20, 2017 2 Capital Improvement Program Ten-year

Capital Improvement Program (CIP) July 20, 2017 2 Capital Improvement Program Ten-year

2017-2026 PROPOSED Capital Improvement Program (CIP) July 20, 2017 2 Capital Improvement Program Ten-year vision, setting broad policy level guidance for capital expenditures Ten-year projection of financial capacity and debt levels

638 views • 18 slides

More recommend