Skip Main Navigation
Page Content

Save This Event

Event Saved

NERC CIP Bootcamp - Anaheim, CA

EnergySec

Tuesday, December 6, 2016 at 8:00 AM - Thursday, December 8, 2016 at 5:00 PM (PST)

Ticket Information

Ticket Type Sales End Price Fee Quantity
3 Day - NERC CIP Bootcamp
The Bootcamp includes three days of instruction covering all requirements in CIP-002 through CIP-011, plus background and foundational information.
3h 17m $1,795.00 $0.00
Day 1 Only - Low Impact Entities
Day 1 only. The first day of the Bootcamp provides foundational information and details on the low impact requirements
2h 17m $795.00 $0.00

Who's Going

Loading your connections...

Share NERC CIP Bootcamp - Anaheim, CA

Event Details

All attendees will receive full printed and electronic copies of the course materials, plus free access to future versions of the course for a period of 12 months and access to the course alumni email discussion forums. Course materials are regularly reviewed and updated to reflect the latest NERC guidance, formal interpretations, FERC rulings, regional audit approaches, and other relevant items.


Day 1 - NERC CIP Foundations and Low Impact Requirements

Day 1 of the NERC CIP Bootcamp provides foundational and background information on the standards with a focus on the low impact requirements and related compliance responsibilities for entities with only low impact assets. The course materials are nearly identical to those used for the 1-day stand-alone low impact course, when offered.

 

COURSE LEARNING OBJECTIVES

Unit 1 Foundations

- Understand the history and background of the standards

- Understand the relationship and authority of FERC, NERC, and the Regions - Understand key terminology related to standards development and oversight


Unit 2 Standards Structure

- Understand the new format used for requirements in version 5 and later versions

- Understand the elements of the standards and their relative importance and authority


Unit 3 Guidance

- Understand the various forms of official guidance available, their sources, and their relative authority and legal basis


Unit 4 Implementation Plan

- Identify the effective dates of version 5 and 6 requirements

- Understand the concept of bookends, and the new approach used in version 5


Unit 5 Terminology

- Obtain a basic understanding of NERC Glossary terms used in the CIP standards - Understand key undefined terms and their implication in the requirements


Unit 6 Asset Identification

- Understand the requirements for categorizing BES Cyber Systems

- Gain familiarity with the Impact Rating Criteria in CIP-002-5 Attachment 1

- Understand how the Impact Rating Criteria are applied to determine the impact rating of BES Cyber Systems


Unit 7 Policy and Management

- Understand the requirements for developing cyber security policies

- Identify the topics required to be addressed in policies for high and medium impact BES CyberSystems

- Identify the topics that need be addressed for low impact systems


Unit 8 Security Awareness (Low Impact)

- Understand the requirements for Security Awareness programs for low impact assets


Unit 9 Physical Security (Low Impact)

- Understand the physical security requirements for low impact assets


Unit 10 Electronic Security (Low Impact)

- Understand the electronic security requirements for low impact assets - Understand the low impact defined terms from the NERC Glossary


Unit 11 Incident Detection and Response (Low Impact)

- Understand the requirements for incident detection and response at low impact assets


Unit 12 Transient Systems Protection (Low Impact)

- Understand the types of assets that qualify as Transient Cyber Assets

- Understand the requirements for the protection of Transient Cyber Assets, including thedifference between entity owned and 3rd party owned devices

- Understand the requirements for Removable Media


Unit 13 Measures, Documentation, and Evidence

- Understand the purpose of the measures provided in the standards

- Identify different types of evidence that can be used to demonstrate compliance - Understand auditor’s professional responsibilities for determining compliance


Unit 14 The Future

- Understand key unresolved concerns that could result in new or revised standards in the future.

- Understand the directives issued by FERC to NERC regarding required improvements to the version 5 standards, and how those have been implemented in version 6.

- Understand current standards development efforts and other regulatory initiatives that could impact the standards

 

Day 2 and 3 - NERC CIP Deep Dive - Medium and High Impact Requirements

Days 2 and 3 of the NERC CIP Bootcamp provide a comprehensive look at the latest versions of standards CIP-002 through CIP-011. Each requirement will be discussed in detail along with a summary of evidence required to demonstrate compliance.


COURSE LEARNING OBJECTIVES

Unit 15 Cyber Asset Categories

- Understand the various attributes that define differing categories of assets for the purpose of requirement applicability

- Understand the relationship between BES Cyber Systems and other associated categories of Cyber Assets.


Unit 16 Virtualization

- Understand how virtualization concepts are applied within the CIP standards

- Understand how differences between version 3 and version 5 of the standards affect virtual environments


Unit 17 Communications Security

- Understand the aspects of communications that are and are not addressed within the standards

- Identify the ambiguities with respect to determining communication assets that are in-scope under version 5


Unit 18 Cybersecurity Policies

- Understand the policy requirements for high and medium impact systems


Unit 19 Security Awareness and Training

- Understand the requirements for Security Awareness programs

- Understand the topics that must be included in CIP training programs

- Understand the personnel that must receive training and the timelines for delivery


Unit 20 Personnel Risk Assessments

- Understand the elements of a personnel risk assessment

- Understand the requirements pertaining to vendors and other 3rd parties


Unit 21 Access Management

- Understand the type of access which must be identified and managed under the version 5 requirements

- Understand the quarterly and annual review requirements

- Understand the requirements for account revocation upon termination and transfer

- Understand the requirements related to shared accounts


Unit 22 Electronic Security Perimeters

- Understand the purpose of Electronic Security Perimeters

- Understand the requirements for control of access at Electronic Access Points - Understand the requirements for detection of malicious communications


Unit 23 Interactive Remote Access

- Understand the circumstances which qualify as Interactive Remote Access

- Understand the requirements for Interactive Remote Access in version 5

- Understand the exemption for remote access between Electronic Security Perimeters


Unit 24 Physical Security

- Understand the differing requirements for physical security based on impact level and external routable connectivity

- Understand the monitoring, logging, and alerting requirements


Unit 25 Port Security

- Understand the requirements related to management of logical network accessible ports - Understand the requirements related to protection of unused physical I/O ports


Unit 26 Patch Management

- Understand the requirements related to cybersecurity patch management - Understand the concept of patch applicability

- Identify the timelines for evaluating and installing patches


Unit 27 Malicious Code Protection

- Understand the requirements for protecting against malicious code

- Identify various approaches for protecting individual devices and systems


Unit 28 Security Event Monitoring

 - Understand the requirements for security event monitoring

- Identify the required minimum events and alerts

- Understand the objectives for security monitoring and identify a broad range of events which can be monitored to meet these objectives


Unit 29 System Access Control

- Understand the requirements for authentication, and control of default and shared accounts

- Understand the requirements for password use, including length, complexity, and change requirements


Unit 30 Incident Response

- Understand the requirements for and elements of incident response plans

- Understand the required processes for detecting and declaring incidents

- Understand the distinction between reportable and non-reportable incidents and their use in the requirements

- Identify the requirements for plan exercises and updates


Unit 31 Recovery Plans

- Understand the requirements for recovery plans

- Identify the requirements for plan exercises and updates


Unit 32 Configuration Change Management

- Understand the elements of a baseline configuration

- Understand the requirements for change management when baseline configurations change


Unit 33 Transient Systems Protection

- Understand the types of assets that qualify as Transient Cyber Assets

- Understand the requirements for the protection of Transient Cyber Assets, including the difference between entity owned and 3rd party owned devices

- Understand the requirements for Removable Media


Unit 34 Vulnerability Assessments

- Identify potential elements of a vulnerability assessment

- Understand the three different types of required vulnerability assessments

- Understand the requirements reporting and followup after a Vulnerability assessment is performed


Unit 35 Information Protection

- Understand the types of information which qualify as BES Cyber System Information

- Understand the three broad circumstances in which BES Cyber System Information must be protected

- Understand the requirements for information protection during the disposal or redeployment of CIP assets


Unit 36 Technical Feasibility Exceptions

- Understand the history and purpose of Technical Feasibility Exceptions

- Identify the requirements for which Technical Feasibility Exceptions are available in version 5


Unit 37 Risk-Based Compliance Monitoring and Enforcement Program

- Understand the history and purpose of the Risk-Based Compliance Monitoring and Enforcement Program

- Understand the purpose of the Inherent Risk Assessment, Internal Controls Evaluation, and Self-Logging processes


Unit 38 Gotchas and Opportunities

- Identify common pitfalls which could lead to non-compliance with the standards

- Identify areas in which compliance efforts can provide positive benefit beyond mere compliance with the CIP standards

Have questions about NERC CIP Bootcamp - Anaheim, CA? Contact EnergySec

Save This Event

Event Saved

When & Where


Courtyard Anaheim Resort/Convention Center
2045 South Harbor Blvd
Anaheim, CA 92802

Tuesday, December 6, 2016 at 8:00 AM - Thursday, December 8, 2016 at 5:00 PM (PST)


  Add to my calendar

Organizer

EnergySec

EnergySec is a community of information security, physical security, audit, disaster recovery and business continuity professionals from energy industry utilities. Participation is international, including all regions throughout North America, South America, Europe, Asia and Australia. EnergySec operates many programs, events and technology solutions designed to help improve the security posture of the energy sector.

We strive to assure that security practices, ideas and principles are shared among energy organizations. It is our mission to drive security excellence among participants in our many program.

EnergySec is incorporated as a non-profit organization and is a registered 501(c)(3) public charity.
  Contact the Organizer
NERC CIP Bootcamp - Anaheim, CA
Things to do in Anaheim, CA Class Other

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.