Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Tripwire Launches NERC Compliance Solution

Tripwire, a provider of security risk and compliance management tools, this week launched its NERC Solution Suite, a combination of customized tools and services designed to help utilities automate, achieve and maintain North American Electrical Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance.

Tripwire, a provider of security risk and compliance management tools, this week launched its NERC Solution Suite, a combination of customized tools and services designed to help utilities automate, achieve and maintain North American Electrical Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance.

Based on the company’s Tripwire Enterprise and Tripwire Log Center, The NERC Solution Suite provides security configuration management and incident detection solutions, and specialized intelligence including policy rules, correlation rules, tools, templates, customized reports and dashboards.

Tripwire LogoTripwire says its NERC Solution Suite dramatically reduces the time and resources required to pass NERC CIP audits and minimize audit findings.

As cyber attacks against energy firms has increased, pressure on energy firms to improve NERC CIP compliance – particularly requirements connected with cyber security – has increased.

Achieving and maintaining NERC CIP compliance can be difficult because the requirements change frequently. Compliance also requires continuous monitoring of critical assets as well as periodic collection of detailed evidence. The steps necessary to pass an audit can be extremely time consuming, are often done manually and can be error-prone.

Key features include:

• Audit-ready reports and dashboards that deliver evidence conveniently grouped by CIP requirement

• Continuous monitoring that immediately detects detailed status information across a wide range of critical cyber assets, from computer systems and network devices to badge entry systems and SCADA devices

• Automated assessment and aggregation of this security data alerts to potential security breaches or configuration modifications affecting compliance status

• Support for a broad range of regulations beyond NERC CIP requirements, including PCI, HIPAA and SOX

“The NERC Solution Suite is a flexible package that encapsulates technology and industry expertise to help our electricity sector customers prepare for and achieve compliance with NERC CIP versions 3, 4 and 5,” said Jeff Simon, director of service solutions for Tripwire.

More information is available online.

Related: U.S. Utilities Face Constant Barrage of Attacks

Written By

Click to comment

Expert Insights

Related Content

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

Application Security

Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors...