Tripwire, a provider of security risk and compliance management tools, this week launched its NERC Solution Suite, a combination of customized tools and services designed to help utilities automate, achieve and maintain North American Electrical Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance.
Based on the company’s Tripwire Enterprise and Tripwire Log Center, The NERC Solution Suite provides security configuration management and incident detection solutions, and specialized intelligence including policy rules, correlation rules, tools, templates, customized reports and dashboards.
As cyber attacks against energy firms has increased, pressure on energy firms to improve NERC CIP compliance – particularly requirements connected with cyber security – has increased.
Achieving and maintaining NERC CIP compliance can be difficult because the requirements change frequently. Compliance also requires continuous monitoring of critical assets as well as periodic collection of detailed evidence. The steps necessary to pass an audit can be extremely time consuming, are often done manually and can be error-prone.
Key features include:
• Audit-ready reports and dashboards that deliver evidence conveniently grouped by CIP requirement
• Continuous monitoring that immediately detects detailed status information across a wide range of critical cyber assets, from computer systems and network devices to badge entry systems and SCADA devices
• Automated assessment and aggregation of this security data alerts to potential security breaches or configuration modifications affecting compliance status
• Support for a broad range of regulations beyond NERC CIP requirements, including PCI, HIPAA and SOX
“The NERC Solution Suite is a flexible package that encapsulates technology and industry expertise to help our electricity sector customers prepare for and achieve compliance with NERC CIP versions 3, 4 and 5,” said Jeff Simon, director of service solutions for Tripwire.
More information is available online.