Description |
1 online resource (290 pages) : color illustrations |
|
text txt rdacontent |
|
computer c rdamedia |
|
online resource cr rdacarrier |
Series |
NIST special publication ; 1800-7 |
|
NIST special publication ; 1800-7.
|
Note |
"August 2019." |
Bibliography |
Includes bibliographical references. |
Contents |
volume A. Executive summary -- volume B. Approach, architecture, and security characteristics -- volume C. How-to guides. |
Summary |
Situational awareness, in the context of this guide, is the understanding of one's environment and the ability to predict how it might change due to various factors. As part of their current cybersecurity efforts, some electric utilities monitor physical, operational, and information technology (IT) separately. According to energy sector stakeholders, many utilities are currently assessing a more comprehensive approach to situational awareness, which, through increased real-time or near real-time cybersecurity monitoring, can enhance the resilience of their operations. The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) built a laboratory environment to explore an example solution that can be used by energy sector companies to alert their staff to potential or actual cyber attacks directed at the grid. The security characteristics in our situational awareness platform are informed by guidance and best practices from standards organizations, including the NIST Cybersecurity Framework and North American Electric Reliability Corporation's (NERC) Critical Infrastructure Protection (CIP) Version 5 standards. This NIST Cybersecurity Practice Guide demonstrates how organizations can use commercially available products that can be integrated with an organization's existing infrastructure. The combination of these products provides a converged view of all sensor data within the utility's network systems, including IT, operational, cyber, and physical access control systems, which often exists in separate 'silos.' The example solution is packaged as a 'how to' guide that demonstrates implementation of standardsbased cybersecurity technologies in the real world and based on risk management. The guide may help inform electric utilities in their efforts to gain situational awareness efficiencies. Doing so may enable faster monitoring, identification, and response to incidents while also saving research and proof-ofconcept costs for the sector and its ratepayers and customers. |
Note |
Online resource; title from PDF title page (viewed August 13, 2019). |
Subject |
Interconnected electric utility systems -- United States -- Safety measures.
|
|
Computer networks -- United States -- Safety measures.
|
|
Situational awareness.
|
|
Electric utilities.
|
|
Energy industries.
|
|
Computer security.
|
|
Information technology.
|
|
Electronic data processing.
|
|
Computer networks -- Security measures -- United States.
|
|
electric utilities.
|
|
information technology.
|
|
Electronic data processing
|
|
Electric utilities
|
|
Computer security
|
|
Energy industries
|
|
Information technology
|
|
Situational awareness
|
|
United States https://id.oclc.org/worldcat/entity/E39PBJtxgQXMWqmjMjjwXRHgrq
|
Indexed Term |
Correlated events |
|
Energy sector |
|
Operational technology |
|
Physical access control systems |
|
Security event and incident management |
Added Author |
National Cybersecurity Center of Excellence (U.S.), issuing body.
|
Gpo Item No. |
0247 (online) |
Sudoc No. |
C 13.10:1800-7 |
|