DZone
Security Zone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
  • Refcardz
  • Trend Reports
  • Webinars
  • Zones
  • |
    • Agile
    • AI
    • Big Data
    • Cloud
    • Database
    • DevOps
    • Integration
    • IoT
    • Java
    • Microservices
    • Open Source
    • Performance
    • Security
    • Web Dev
DZone > Security Zone > NCCoE – NIST Centralizing Situational Awareness in Energy Companies

NCCoE – NIST Centralizing Situational Awareness in Energy Companies

Industry leaders announce the release of a guide that outlines the best methodologies for detecting and remediating security anomalies.

James Lee user avatar by
James Lee
·
Feb. 26, 17 · Security Zone · News
Like (0)
Save
Tweet
2.50K Views

Join the DZone community and get the full member experience.

Join For Free

There’s some cybersecurity news to share coming out of the energy sector.

Waratek, along with a group of companies including Hewlett-Packard Enterprise, Siemens, and RSA, worked closely with the National Cybersecurity Center of Excellence (NCCoe) to develop an example solution for electric companies to alert their staff to potential or actual cyber attacks directed at the grid. The example draft outlines the implementation of this solution and comments from the public are sought until April 17, 2017.

The NCCoE, a part of the National Institutes of Standards and Technology (NIST), recently released the guide to explore the methods utilities can use to more readily detect and remediate anomalous conditions, investigate the chain of events that led to the anomalies, and share findings with other energy companies. The guide shows how companies can control physical and logical access to resources across the energy sector using standards, best practices, and commercially available products in a step-by-step format.

The draft is available for download on the NCCoE website and public comments are encouraged on this step-by-step guide, which is modular and suitable for organizations of all sizes. It also maps security characteristics to guidance and best practices from NIST and other standards organizations. Remember, the NCCoE is seeking comments on this draft through April 17th.

“Collaborating with stakeholders such as members of industry, technology providers, and integrators to produce viable cybersecurity solutions is key to the NCCoE’s success,” said Jim McCarthy, NCCoE Senior Security Engineer and project lead for NCCoE’s energy sector team. “The Situational Awareness practice guide is another successful example of how these stakeholders engage with NCCoE to produce solutions to real word problems that can be adopted to reduce the level of risk for owners and operators in the Energy Sector.”

The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity challenges.

Waratek and the NCCoE both agree that the guide helps meet a critical cybersecurity need and would love to hear what you think. Download the guide and provide your thoughts on the NCCoE website.

Better communication tactics lead to faster resolutions.

NIST Vendors

*While the example solution uses certain products, including Waratek, NIST, and the NCCoE do not endorse these products. The guide presents the characteristics and capabilities of those products, which an organization’s security experts can use to identify similar standards-based products that will fit within with their organization’s existing tools and infrastructure.

NIST (metric)

Published at DZone with permission of James Lee, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • Major PostgreSQL Features You Should Know About
  • JIT Compilation of SQL in NoSQL
  • Build a Data Pipeline on AWS With Kafka, Kafka Connect, and DynamoDB
  • Monolith vs Microservices Architecture: To Split or Not to Split?

Comments

Security Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • MVB Program
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends:

DZone.com is powered by 

AnswerHub logo