Professional Documents
Culture Documents
A Presentation By:
EnergySec
FoxGuard Solutions
NRG
It’s Interactive
2
It’s Hip to Chat
EnergySec is hosting an online chat to accompany this
webinar which is open to all registered EnergySec
Community participants.
To join the chat as a guest, visit:
https://hipchat.energysec.org/gEUq1qmNi
If you have a HipChat account already, join us in the room.
Note: Registered users have access to the chat history, file
attachments, and links
3
Agenda
§ Introductions
§ CIP-007-5 Requirements
§ Need
§ Challenges
§ Understanding Patch and Update
Management
§ Customer Insight
§ Q&A
4
Meet Your Panelists
Karl
Perman
VP,
Services
EnergySec
Monta
Elkins
Security
Architect
FoxGuard
SoluJons
Larry
Snow
NERC
CIP
Manager/East
and
Midwest
NRG
5
CIP-007-5- SECURITY PATCH
MANAGEMENT
6
CIP-007-5 Part 2.1
7
CIP-007-5 Part 2.2
§ High Impact BES Cyber Systems and their
associated:
– EACMS, PACS, PCA
§ Medium Impact BES Cyber Systems and their
associated:
– EACMS, PACS, PCA
§ At least once every 35 calendar days, evaluate
security patches for applicability that have been
released since the last evaluation from the
source or sources identified in Part 2.1.
8
CIP-007-5 Part 2.3
§ High Impact BES Cyber Systems and their associated:
– EACMS, PACS, PCA
§ Medium Impact BES Cyber Systems and their associated:
– EACMS, PACS, PCA
§ For applicable patches identified in Part 2.2, within 35 calendar
days of the evaluation completion, take one of the following actions:
– Apply the applicable patches;
– or Create a dated mitigation plan;
– or Revise an existing mitigation plan.
§ Mitigation plans shall include the Responsible Entity’s planned
actions to mitigate the vulnerabilities addressed by each security
patch and a timeframe to complete these mitigations.
9
CIP-007-5 Part 2.4
§ High Impact BES Cyber Systems and their associated:
10
Why the need for a patch
management program?
§ Know, track, and mitigate the known software
vulnerabilities associated with BES Cyber
Assets.
§ Intention is to be aware of in a timely manner
and manage all known vulnerabilities not
install every security patch (SDT intent)
11
Challenges
§ What is a cyber security patch?
§ Who can be a source?
§ When does the assessment timeframe clock
start?
§ When to patch and when to mitigate?
12
Understanding
Patch & Update Management
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
13
Monta Elkins is the Security Architect for FoxGuard
Solutions, nation’s leading ICS patch provider.
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
14
WHAT IS A PATCH?
P UPDATE
A
T
C UPGRADE
H
FIRMWARE ENHANCEMENT
SERVICE BULLETIN
! NERC RFI
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
16
PATCHING CHALLENGES
! NERC CIP-007-5
! Timing Constraints
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
17
DEVICES & APPLICATIONS SUPPORTED
SUPPORTED
SUPPORTED
ASSETS
ASSETS
NETWORK FIELD
DEVICES DEVICES
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
18
STAGES OF PATCH MANAGEMENT
2. AVAILABILITY
3. APPLICABILITY
4. ACQUISITION
5. VALIDATION
6. DEPLOYMENT
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
19
BENEFITS OF AGGREGATOR
! Positive Notification
! Notification For Each Device On A Regular Schedule
! Notification Of “Negative Change”
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
20
PATCH & UPDATE MANAGEMENT PROGRAM
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
21
CUSTOMER INSIGHT
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
22
THE NRG PERSPECTIVE
The company, product and service names used in this presentation are for identification purposes only. All trademarks and registered trademarks are the property of their respective owners.
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
23
GROUP DISCUSSION
Points To Remember
! Comprehensive Patch Management Solutions
! Over 10 Years Of Patching Expertise In The Energy Industry
! Long History Of Program Management
! Our Company Is Designed To Be An Extension Of Yours
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
24
CONTACT INFORMATION
WEBSITE www.foxguardsolutions.com
TELEPHONE 877.446.4732
EMAIL requestinfo@foxguardsolutions.com
LINKEDIN www.linkedin.com/company/717871
TWITTER twitter.com/FoxGuardInc
www.foxguardsolutions.com Cyber
Cyber Security
Security | Compliance
| Compliance | Industrial
| Industrial Computing
Computing
25