Cyber Security
Dragos Helps Electric Utilities Meet Expected NERC CIP Standard for Internal Network Security Monitoring (INSM)
By Business Wire
Dragos Platform Fulfills INSM Requirements to Monitor and Protect Critical Electric Infrastructure, Enabling Electric Utilities to Benefit from Early Adoption Incentives
HANOVER, Md.--(BUSINESS WIRE)--With the upcoming NERC CIP-015 requirements for Internal Network Security Monitoring (INSM), electric utilities can meet and exceed the stringent demands facing them with the advanced capabilities of the Dragos Platform. The Dragos Platform provides advanced internal network monitoring specifically designed for industrial environments, coupled with industry-leading threat detection capabilities. This empowers customers to meet INSM requirements and enhance their critical cybersecurity measures.
The NERC CIP-015 regulation introduces new standards mandating network security monitoring within CIP-networked environments for High and Medium impact Bulk Electric System (BES) Cyber Systems. These standards recognize the imperative to improve the detection of adversarial activity, enabling earlier threat detection and quicker responses. The core of the INSM requirements are to add the ability to detect and evaluate anomalous network activity, which is crucial for identifying unusual activities and responding promptly to potential cyber threats.
“Threat groups today exploit vulnerabilities that circumvent, or even leverage, traditional network perimeter-based security controls highlighting the critical need for enhanced monitoring within internal networks,” said Jodi Schatz, Chief Product Officer, Dragos. “INSM requires organizations to implement monitoring of the east-west network traffic between critical system components. This level of monitoring significantly enhances threat detection and response for these organizations, ultimately helping better serve the populations that rely on their services to keep the lights on in their cities and counties. The Dragos Platform helps electric utilities meet and exceed these anticipated compliance standards – it is what the Platform was built to do for our customers.”
FERC issued Order No. 893 in 2023, which provides incentives to help utilities invest in advanced cybersecurity technology. Utilities can seek deferred cost recovery for new cybersecurity investments that are eligible for incentives. Dragos is actively partnering with electric utilities to plan for compliance and take advantage of available incentives with early implementation.
The Dragos Platform supports the NERC CIP-015 regulation by helping electric utilities:
- Deploy Dragos Sensors to passively analyze east-west network activity within trusted zones. Dragos offers a Sensor Placement Study to analyze and provide recommendations to achieve optimal visibility of internal network traffic.
- Develop baseline configurations of network traffic inside trusted zones to identify deviations and trigger anomaly detections.
The Dragos Platform goes beyond standard anomaly detection to reduce noise and minimize the potential of false positives for organizations evaluating anomalous activity. It does this by:
- Automatically analyzing data against known Indicators of Compromise (IOCs) enriched by the Dragos Cyber Threat Intelligence (CTI) Team.
- Detecting and alerting on threat behaviors to identify known adversarial tradecraft and Tactics, Techniques, and Procedures (TTPs) relevant to OT environments.
- Offering enhancements such as Dragos’s threat-hunting-as-a-service, OT Watch, which conducts ongoing threat hunts within customer environments using the Dragos Platform. This service is designed to support compliance with NERC CIP standards while investigating suspicious activity.
In support of analyzing potential threat detections, the Dragos Platform provides embedded forensic investigation capabilities, a centralized dashboard for incident management, and predefined playbooks for response, also supporting CIP-008 requirements. Additional services include Sensor Placement Studies, Incident Response Services & Plan Development Workshops, Architecture Reviews, Tabletop Exercises, and Rapid Response Retainers.
To learn more about how the Dragos Platform can help electric utilities implement and achieve the NERC CIP-015 INSM requirements, register for the Dragos webinar on September 5, 2024: “Maximize Opportunities with Early INSM Planning: Understanding NERC CIP-015 and Why You Should Start Now.”
About Dragos, Inc.
Dragos has a global mission to safeguard civilization from those trying to disrupt the industrial infrastructure we depend on every day. The Dragos Platform offers the most effective industrial cybersecurity technology, giving customers visibility into their ICS/OT assets, vulnerabilities, threats, and response actions. The strength behind the Dragos Platform comes from our ability to codify Dragos’s industry-leading OT threat intelligence, and insights from the Dragos services team, into the software. Our community-focused approach gives you access to the largest array of industrial organizations participating in collective defense, with the broadest visibility available.
Our solutions protect organizations across a range of industries, including electric, oil & gas, manufacturing, building automation systems, chemical, government, water, food & beverage, mining, transportation, and pharmaceutical. Dragos is privately held and headquartered in the Washington, DC area with regional presence around the world, including Canada, Australia, New Zealand, Europe, and the Middle East.
Contacts
Kesselring Communications for Dragos
Leslie Kesselring
503-358-1012
Leslie@kesscomm.com
First published on Thu, Aug 1, 2024
Enjoyed what you've read so far? Great news - there's more to explore!
Stay up to date with the latest news, a vast collection of tech articles including introductory guides, product reviews, trends and more, thought-provoking interviews, hottest AI blogs and entertaining tech memes.
Plus, get access to branded insights such as informative white papers, intriguing case studies, in-depth reports, enlightening videos and exciting events and webinars from industry-leading global brands.
Dive into TechDogs' treasure trove today and Know Your World of technology!
Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. All information / content found on TechDogs' site may not necessarily be reviewed by individuals with the expertise to validate its completeness, accuracy and reliability.
Trending Business Wire
Compliance Scorecard Recognized In Channel Insiders Inaugural Channel VIP List For Driving MSP Growth And Innovation
By Business Wire
Elastic Now Collaborates With AWS To Leverage Generative AI Capabilities
By Business Wire
Helios Technologies Launches Powerview U35, The First Round Display In The Ultimate Series
By Business Wire
Imagekit Unveils Advanced Video API To Simplify Video Post-Production And Delivery
By Business Wire
Kingswood Capital Management Acquires IDX, A Leading Provider Of Data Breach Response Services And Digital Privacy Protection
By Business Wire
Join Our Newsletter
Get weekly news, engaging articles, and career tips-all free!
By subscribing to our newsletter, you're cool with our terms and conditions and agree to our Privacy Policy.
Join The Discussion