Dragos Helps Electric Utilities Meet Expected NERC CIP Standard for Internal Network Security Monitoring (INSM)
August 01 2024 - 10:04AM
Business Wire
Dragos Platform Fulfills INSM Requirements to
Monitor and Protect Critical Electric Infrastructure, Enabling
Electric Utilities to Benefit from Early Adoption Incentives
With the upcoming NERC CIP-015 requirements for Internal Network
Security Monitoring (INSM), electric utilities can meet and exceed
the stringent demands facing them with the advanced capabilities of
the Dragos Platform. The Dragos Platform provides advanced internal
network monitoring specifically designed for industrial
environments, coupled with industry-leading threat detection
capabilities. This empowers customers to meet INSM requirements and
enhance their critical cybersecurity measures.
The NERC CIP-015 regulation introduces new standards mandating
network security monitoring within CIP-networked environments for
High and Medium impact Bulk Electric System (BES) Cyber Systems.
These standards recognize the imperative to improve the detection
of adversarial activity, enabling earlier threat detection and
quicker responses. The core of the INSM requirements is to add the
ability to detect and evaluate anomalous network activity, which is
crucial for identifying unusual activities and responding promptly
to potential cyber threats.
“Threat groups today exploit vulnerabilities that circumvent, or
even leverage, traditional network perimeter-based security
controls, highlighting the critical need for enhanced monitoring
within internal networks,” said Jodi Schatz, Chief Product Officer,
Dragos. “INSM requires organizations to implement monitoring of the
east-west network traffic between critical system components. This
level of monitoring significantly enhances threat detection and
response for these organizations, ultimately helping better serve
the populations that rely on their services to keep the lights on
in their cities and counties. The Dragos Platform helps electric
utilities meet and exceed these anticipated compliance standards –
it is what the Platform was built to do for our customers.”
FERC issued Order No. 893 in 2023, which provides incentives to
help utilities invest in advanced cybersecurity technology.
Utilities can seek deferred cost recovery for new cybersecurity
investments that are eligible for incentives. Dragos is actively
partnering with electric utilities to plan for compliance and take
advantage of available incentives with early implementation.
The Dragos Platform supports the NERC CIP-015 regulation by
helping electric utilities:
- Deploy Dragos Sensors to passively analyze east-west network
activity within trusted zones. Dragos offers a Sensor Placement
Study to analyze and provide recommendations to achieve optimal
visibility of internal network traffic.
- Develop baseline configurations of network traffic inside
trusted zones to identify deviations and trigger anomaly
detections.
The Dragos Platform goes beyond standard anomaly detection to
reduce noise and minimize the potential of false positives for
organizations evaluating anomalous activity. It does this by:
- Automatically analyzing data against known Indicators of
Compromise (IOCs) enriched by the Dragos Cyber Threat Intelligence
(CTI) Team.
- Detecting and alerting on threat behaviors to identify known
adversarial tradecraft and Tactics, Techniques, and Procedures
(TTPs) relevant to OT environments.
- Offering enhancements such as Dragos’s
threat-hunting-as-a-service, OT Watch, which conducts ongoing
threat hunts within customer environments using the Dragos
Platform. This service is designed to support compliance with NERC
CIP standards while investigating suspicious activity.
In support of analyzing potential threat detections, the Dragos
Platform provides embedded forensic investigation capabilities, a
centralized dashboard for incident management, and predefined
playbooks for response, also supporting CIP-008 requirements.
Additional services include Sensor Placement Studies, Incident
Response Services & Plan Development Workshops, Architecture
Reviews, Tabletop Exercises, and Rapid Response Retainers.
To learn more about how the Dragos Platform can help electric
utilities implement and achieve the NERC CIP-015 INSM requirements,
register for the Dragos webinar on September 5, 2024: “Maximize
Opportunities with Early INSM Planning: Understanding NERC CIP-015
and Why You Should Start Now.”
About Dragos, Inc.
Dragos has a global mission to safeguard civilization from those
trying to disrupt the industrial infrastructure we depend on every
day. The Dragos Platform offers the most effective industrial
cybersecurity technology, giving customers visibility into their
ICS/OT assets, vulnerabilities, threats, and response actions. The
strength behind the Dragos Platform comes from our ability to
codify Dragos’s industry-leading OT threat intelligence, and
insights from the Dragos services team, into the software. Our
community-focused approach gives you access to the largest array of
industrial organizations participating in collective defense, with
the broadest visibility available.
Our solutions protect organizations across a range of
industries, including electric, oil & gas, manufacturing,
building automation systems, chemical, government, water, food
& beverage, mining, transportation, and pharmaceutical. Dragos
is privately held and headquartered in the Washington, DC area with
regional presence around the world, including Canada, Australia,
New Zealand, Europe, and the Middle East.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240801932313/en/
Kesselring Communications for Dragos Leslie Kesselring
503-358-1012 Leslie@kesscomm.com