Cyber Attack Task Force - Final Report - NERC
Cyber Attack Task Force - Final Report - NERC
Cyber Attack Task Force - Final Report - NERC
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Defensive Capabilities / Deterrence<br />
Auxiliary preparedness materials such as customer communication templates, emergency<br />
contact lists and preplanned secure/alternative communications methods (e.g. phone<br />
conference bridges; Government Emergency Telecommunications System (GETS) & Wireless<br />
Priority System (WPS) for priority access to telecommunications; satellite phone<br />
communications for the occurrence where landline and cellular facilities are not available) will<br />
enable a more rapid response operation. Creating customer communication templates may<br />
help customer support line representatives address calls from customers while other prepared<br />
documents may act as a template for communications staff to engage the local news media or<br />
government officials during or shortly after any impact from a security related incident.<br />
Emergency contact lists may list mobile contact information for management escalation and<br />
support staff such as operations staff, IT or cyber security team members. Additionally, it may<br />
list outside parties such as ES-ISAC, local, state or federal law enforcement, managed security<br />
service providers and system vendor technical support lines.<br />
Information Sharing<br />
Information sharing is a critical component of any preparation as well as part of the actual<br />
response plan. Besides the formal, regulatory requirements for reporting unusual events<br />
outlined in the <strong>NERC</strong> CIP standards and the Department of Energy’s OE-417, there exists an<br />
informal communication network between utilities and non-regulatory entities such as the<br />
North American Transmission Forum and the North American Generation Forum.<br />
There have been successes between the industry, regulatory agencies and the intelligence<br />
community with taking classified intelligence, having industry experts assess sensitive<br />
information in a classified setting, remove or translate sensitive data and create an alert that<br />
can be distributed to a wider audience in the electricity industry.<br />
<strong>Cyber</strong> <strong>Attack</strong> <strong>Task</strong> <strong>Force</strong> <strong>Report</strong> 23