NERC CIP Compliance Service

 

With the ever-growing threat of cyber attacks targeting assets within the Electronic Security Perimeter, the energy industry has taken a proactive approach to ensuring that its systems meet the security requirements specified by NERC CIP. The NERC CIP controls are very high level and require a more in-depth analysis of the system configuration, organizational policies, and other components that affect the overall cyber security posture of the organization.

For nearly a decade, DNC Corp has been supporting the unique cyber security requirements that any energy company faces, from the unique industrial systems (SCADA environment) to the unique communication methods of the SCADA network. DNC Corp has performed thousands of cyber security audits utilizing many different controls (e.g. DoD DIACAP, NIST 800-53, SOX, HIPAA, DCID, and more), which gives us a strategic advantage when performing NERC CIP audits. Our auditing process is much more comprehensive than our competition's, as we scrutinize each NERC CIP control with control enhancements from different standards to ensure the best internal control audit possible.

Whether your organization is trying to develop a NERC CIP program or needs an independent assessment of its current NERC CIP program, let DNC Corp bring our expertise and experience to give you the best possible assessment of your infrastructure. DNC can help evaluate, develop a remediation strategy for, and remediate issues discovered while auditing the following areas:

Cyber Security - Critical Cyber Asset Identification
Cyber Security - Security Management Controls
Cyber Security - Personnel & Training
Cyber Security - Electronic Security Perimeter(s)
Cyber Security - Physical Security of Critical Cyber Assets
Cyber Security - Systems Security Management
Cyber Security - Incident Reporting and Response Planning
Cyber Security - Recovery Plans for Critical Cyber Assets




 

Securing the Smart Grid

In 2009 the Wall Street Journal published an article discussing how cyber spies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system. The reality of cyber warfare is more apparent than ever, as we have witnessed countless news stories of how foreign threats are targeting and infiltrating energy companies as a method of spying and of possible disruption attacks against US infrastructure.

Advanced Persistent Threats (APT, the term used when foreign elements infiltrate systems for intelligence or cyber warfare purposes) are occurring more frequently as the adversary's need for information increases. Foreign governments are more than ever targeting energy systems for industrial espionage and the scary possibility of industrial sabotage. It is no coincidence that NERC CIP is a hot topic in the energy industry as APT threats continue to increase in the energy sector.

DNC has been involved in cyber counterintelligence for the past decade. We specialize in identifying anomalous behavior that may be suggestive of potential malicious or counterintelligence-related activity. Our expertise and experience can determine if cyber spies have infiltrated your organization. DNC provides many different cyber security services as part of our malware/cyber counterintelligence program. Here are a few examples:

  • Review network security architecture, and develop a new, comprehensive security architecture overhaul that includes enhancing security on LDAP, SCADA processes, routing and switching, desktop security, software development, security awareness training, database security configuration, and more.
  • Perform reverse engineering of malicious code to discover vulnerabilities in binaries, attribute authorship, and develop defensive mechanisms to prevent the spread of malware. This includes utilizing a sandbox to isolate malware, unpacking malware, monitoring registry changes, and identifying malware communication channels (command and control, drop points, etc.).
  • Provide trend analysis through data and network analytics for correlated information sources and network data such as event logs, IDS, and network captures.
  • Develop SOPs for incident handling, detection, and threat mitigation procedures.
  • Support direct investigation of cyber activity targeting customer information and its information infrastructure. Provide support to the Security Operations Center in the advanced analysis, mitigation, and reporting of cyber threats affecting organizational networks.
  • Assist the organization's training department in educating staff on cyber threat methodologies (e.g. spear phishing).
  • Conduct data exfiltration/leakage assessments (Advanced Persistent Threat/APT) and malware analysis using various tools.
  • Conduct analysis on captured user, computer, and network security events, in a near-real-time environment, to determine security vulnerabilities, policy violations, and malicious behavior.