Cyber Attack Task Force - Final Report - NERC
Cyber Attack Task Force - Final Report - NERC
Cyber Attack Task Force - Final Report - NERC
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Executive Summary<br />
Key Recommendations<br />
The CATF has considered what aspects of cybersecurity would be particularly challenged<br />
through a coordinated cyber attack and considered options to protect the assets, systems, and<br />
networks that are critical to the reliable operation of the bulk power system. The following<br />
summarizes the key recommendations of this report that are described in the body of the<br />
report in further detail. While some of the recommendations identify areas that require further<br />
study coordinated through <strong>NERC</strong>’s Technical Committees, others recommend that entities take<br />
certain actions to enhance their ability to prevent, deter, detect, and respond to a coordinated<br />
cyber attack.<br />
1. Continue Work on <strong>Attack</strong> Trees – A separate working<br />
group under <strong>NERC</strong>’s Critical Infrastructure Protection<br />
Committee (CIPC) should be established to further<br />
develop attack trees with the goal of populating the<br />
nodes, performing detailed analysis, and providing<br />
recommendations to industry from this analysis.<br />
2. Continue to Develop Security and Operations Staff<br />
Skills to Address Increasingly Sophisticated <strong>Cyber</strong><br />
Threats – Entities should develop strategies to attract<br />
cybersecurity talent and further develop the<br />
knowledge, skills, and abilities of existing staff to<br />
address increasingly sophisticated cyber threats and<br />
technology challenges that accompany grid modernization efforts.<br />
3. Augment Operator Training with <strong>Cyber</strong> <strong>Attack</strong><br />
Scenarios – Several cyber attack scenario templates<br />
are included in Appendix C of this report. Entities<br />
should consider enhancing training to incorporate<br />
cyber attacks that raise operator awareness for a<br />
coordinated cyber attack.<br />
4. Conservative Operations – The Severe Impact<br />
Resilience: Considerations and Recommendations<br />
report prepared by the Severe Impact Resilience <strong>Task</strong><br />
<strong>Force</strong> offers a number of recommendations regarding<br />
conservative operations. Entities should review this<br />
report and consider the practices that would apply to<br />
a coordinated cyber attack scenario.<br />
5. Conduct Transmission Planning Exercise – Working<br />
with Department of Energy’s national labs and a pilot<br />
group of electricity utilities, a transmission planning<br />
exercise should be coordinated by <strong>NERC</strong> to simulate a<br />
coordinated cyber attack that creates a cascading<br />
event and blackout. The event should attempt to<br />
4 <strong>Cyber</strong> <strong>Attack</strong> <strong>Task</strong> <strong>Force</strong> <strong>Report</strong>