NERC - ArcSight Compliance

ArcSight Compliance Insight Package for NERC CIP 002-009

The ArcSight Compliance Insight Package for NERC provides pre-packaged content for continuous discovery, assessment, and documentation of compliance with NERC CIP standards and visibility into breaches and threats targeting Bulk Electric Supply reliability.

Capabilities

  • Dashboards for individual NERC CIP requirements enabling top down visibility into compliance levels
  • Real-time monitoring rules for continuous detection of known vulnerabilities and attack vectors against electric utility infrastructure
  • Business and technical drill down reports to automate audit requirements associated with NERC CIP mandates 002-009
  • Continuous monitoring of user interactions with critical cyber-security assets and sensitive data based on roles and privileges
  • Automated risk-based actions, including priority escalation, case creation and notification

Benefits

  • Reduced operational cost of compliance through automation of NERC CIP audit requirements
  • Continuous protection against cyber attacks against SCADA and / or DCS (Distributed Control Systems) electric utility infrastructure
  • Reduced need for internal compliance expertise through pre-packaged audit content authoritatively mapped to NERC CIP requirements and derived from standards such as NIST 800-53 and ISO 27002-2005
  • Protection of sensitive data in utility environment through continuous user monitoring

The ArcSight Compliance Insight Package for NERC CIP Standards 002-009 is part of the broader ArcSight solution for electric utilities - ArcSight Protection Suite for NERC CIP Compliance which is optimized for utilities on both the power generation and the transmission side of the business. The ArcSight Protection Suite for NERC CIP Compliance builds on the ArcSight industry-leading SIEM (Security Information and Event Management) platform for safeguarding critical infrastructure within electric utilities from malicious intrusion, insider threats and non-compliance risk, thereby ensuring reliability of the power grid.