The North American Electric Reliability Corporation (NERC) is a not-for-profit entity whose mission is to ensure the reliability of the bulk power system in North America. NERC develops and enforces Reliability Standards; annually assesses seasonal and long term reliability; monitors the bulk power system through system awareness; and educates, trains and certifies industry personnel. The Federal Energy Regulatory Commission and governmental authorities in Canada have approved NERC standards. Entities under NERC’s jurisdiction are the users, owners and operators of the bulk power system. NERC’s major responsibilities include working with all stakeholders to develop standards for power system operation, monitoring and enforcing compliance with those standards, assessing resource adequacy, and providing educational and training resources as part of an accreditation program to ensure power system operators remain qualified and proficient. NERC also investigates and analyzes the causes of significant power system disturbances in order to help prevent future events.
The NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) plan is a set of requirements designed to secure the assets required for operating North America’s bulk electric system. The NERC CIP plan consists of few standards and requirements covering the security of electronic perimeters and the protection of critical cyber assets as well as personnel and training, security management and disaster recovery planning. EventTracker believes that it is crucial to monitor for compliance in a manner as close to real-time as possible.
Using EventTracker to meet NERC/CIP Requirements
EventTracker auto discovers systems and network devices and its roles and assigns asset value for discovered assets. It also allows users to manually change the asset value criticality for the Assets.
EventTracker provides option to verify system configuration and other various compliance configuration assessments along with the benchmarks/policies for those technical assets to make the system secure. Provides reporting to help management with operations, security and compliance-related decision making.
EventTracker identifies all resources by discovery and protect the Assets and Electronic Security devices, including Access Points. EventTracker works with all of the security devices, ESP protection by providing a centralized view of Incidents alerts and reports within a single web console. All information is available via automated real time and offline alerts, reports, simple-yet-powerful investigations.
EventTracker monitors, correlates log and event data across all devices, processes vulnerability score data and sets the risk score of the assets enhancing systems security management and providing a centralized comprehensive view of an organization’s security posture. It monitors against the guidelines provided by vendors and best practice or adopted frameworks. It also includes controls for authentication and account management.
EventTracker monitors all logs and event data from across devices and assets and provides Incident tracking and response management tool which can be used for alerting. EventTracker provides logbook to track status of identification, classification, response and reporting of all Incidents.
EventTracker’s change audit provides an efficient recovery process. It is a diagnostic tool that targets the broad area of Change Management. With this, it provides the user insurance against change that could be harmful. This provides user with the control to manage all systems on your network from one console.