ArcSight Introduces New Protection Suite for NERC CIP Compliance

ArcSight Introduces New Protection Suite for NERC CIP Compliance to Safeguard Critical Electric Utility Control Systems, Power Generation Plants and Transmission Infrastructure

ArcSight Suite Offers Scalable and Cost-Effective Protection and Compliance Enforcement

CUPERTINO, Calif. – April 14, 2009 – ArcSight, Inc. (NASDAQ: ARST), a leading global provider of compliance and security management solutions that protect enterprises and government agencies, today announced the release of the ArcSight Protection Suite for NERC CIP Compliance. This suite builds on ArcSight industry-leading security solutions that safeguard electric utilities from malicious intrusion, insider threats and non-compliance risks across the breadth of NERC Compliance Infrastructure Protection (CIP) standards 002-009, that help to ensure the reliability of the bulk power system.

“Monitoring critical cyber assets is essential to maintaining the security and reliability of the electrical grid,” said Reed Henry, Senior Vice President of Marketing, ArcSight. “The NERC CIP standards are a good start, but a good start doesn’t necessarily equate to being secure. Our customers are proactively protecting their systems by establishing baselines of what’s normal, and then implementing continuous monitoring oversight to quickly identify systems that have been compromised. In these times when cyber spies clearly are targeting our utilities, world-class event monitoring and correlation is a necessary requirement to stop these threats and protect our critical infrastructure.”

The North American Electric Reliability Corporation (NERC) mission is to ensure the reliability of the bulk power system in North America. Increasing interconnectedness of bulk electric systems with open protocols and technology has brought systems with long expected lifetimes and minimal planned upgrades into contact with technology with short maintenance and security patch cycles. The North American bulk power system is therefore increasingly exposed to threats from cybercrime and cyberterrorism. The NERC CIP standards were drafted to improve reliability in the face of these threats. These standards include critical cyber asset identification, security management controls, personnel and training, electronic security perimeters, physical security of critical cyber assets, systems security management, incident reporting and response planning and recovery plans for critical cyber assets. For information about these standards, see http://www.nerc.com/page.php?cid=2|20.

Many bulk electric entities must be in compliance with these standards by the end of June 2009. Non-compliance can result in fines as high as $1 million per day per violation, based on incident severity and a number of risk factors.

The ArcSight Protection Suite for NERC CIP Compliance is a scalable and cost-effective solution for reducing risk and protecting critical utility operations, assets and for automated monitoring of ongoing compliance with NERC CIP standards. It proactively protects the electric grid by monitoring all critical systems for threats, correlating event data and automating compliance reporting for the NERC standards. Many leading utilities are using ArcSight products to secure their power generation and transmission infrastructure against growing global cyber threats.

“The security and reliability of power grids is obviously of the utmost importance, and monitoring the complex systems that maintain the network requires sophisticated collection and correlation capabilities,” said Nick Galletto, Partner, Security and Privacy Services Group at Deloitte Canada. “Only through advanced correlation can a company find the needle in the haystack that could bring down the grid, affecting the lives of millions of people.”

The ArcSight Protection Suite for NERC CIP Compliance provides a central point for analysis of daily business operations by collecting data broadly, via hundreds of different types of device and application connectors for highly interconnected and diverse dynamic systems. The solution delivers a detailed set of customizable rules, dashboards, data monitors and reports that help meet the NERC CIP standards. The solution is modular and can be deployed collectively or in phases.

Components include:

ArcSight ESM: Delivers continuous and thorough breach detection monitoring and compliance assessment through centralized event analysis via a powerful cross-device correlation engine and sophisticated analysis tools that use rules, dashboards and reports.
ArcSight Logger: Delivers advanced high performance log collection, aggregation and analysis via capture and archival of all log data and reporting for comprehensive visibility into events, including events related to compliance with NERC CIP standards.
ArcSight Connectors: Delivers the industry’s broadest and deepest event collection support spanning the IT infrastructure including custom sources, in-house applications and physical access points deployed as software or in Connector Appliances.
ArcSight Threat Response Manager (TRM): Delivers threat remediation workflow for threat isolation, impact analysis, notification and quarantining options.
ArcSight IdentityView: Monitors accounts with priority access beyond access control and role management to build a clear profile of what key users are doing both on the network and off.
ArcSight Compliance Insight Package for NERC: Delivers prepackaged rules, dashboards and reports that address NERC CIP compliance reporting and auditing requirements.

Pricing and Availability

The ArcSight Protection Suite for NERC CIP Compliance is currently available in a variety of configuration and pricing packages designed to best fit customer needs and deployment environments; packages start at $70,000 (US list).

For sales information, contact info@arcsight.com or call (408) 864 2600.

About ArcSight

ArcSight (NASDAQ: ARST) is a leading global provider of compliance and security management solutions that protect enterprises and government agencies. ArcSight helps customers comply with corporate and regulatory policy, safeguard their assets and processes, and control risk. The ArcSight platform collects and correlates user activity and event data across the enterprise so that businesses can rapidly identify, prioritize, and respond to compliance violations, policy breaches, cybersecurity attacks, and insider threats. For more information, visit www.arcsight.com. (ARST-IR)