Take the Next Step

Request More Information

Browse the Resource Center

Attend a Live Webinar

ArcSight Protection Suite for NERC CIP Compliance

The ArcSight Protection Suite for NERC CIP Compliance offers the most comprehensive, scalable, and cost-effective solution for protection of critical cyber assets and compliance with the NERC CIP 002–009 standards.

Highlights

• Demonstrate compliance with NERC CIP audit requirements
• Detect threats against critical cyber assets in real-time
• Ensure the reliability of bulk electric supply and underlying
infrastructure

NERC CIP (Critical Infrastructure Protection) 002-009 Standards
The North American Electric Reliability Corporation (NERC) was formed to promote the reliability and adequacy of bulk power transmission in the electric utility systems of North America. With increasing connectivity across utility infrastructure, much of which was deployed before the advent of the Internet, the North American electrical grid is increasingly a target of cyber-crime designed to disrupt critical services including power supply. NERC Critical Infrastructure Protection (CIP) regulations were put into place to ensure the reliability of the power grid and protect critical electric utility operations and assets. The NERC CIP regulations include eight mandatory reliability standards that require implementing safeguards or controls across critical utility infrastructure and monitoring their effectiveness.

Some utilities must be compliant with these standards by the end of June 2009. This is also when they must begin to maintain and archive all required audit records. Non-compliance can result in fines as high as $1 million per day per violation, based on incident severity and a number of risk factors.

ArcSight Protection Suite for NERC CIP Compliance
The ArcSight Protection Suite for NERC CIP Compliance is the market-leading solution for automation of NERC CIP compliance monitoring through collection, storage, reporting, and real-time correlation of events across all utility infrastructure. It provides a central point of analysis for daily business operations by tracking activity on critical cyber assets.

Benefits:

• Reduce the cost of NERC CIP audits through automation
• Protect operating margins and customer satisfaction by reducing the risk of outages
• Mitigate the risk of non-compliance fines
• Secure sensitive data including customer information, personnel data, and network information
• Leverage best practices in monitoring critical infrastructure and reduce the need for internal compliance expertise
• Easily extend your investment to broader use cases and regulatory initiatives

The ArcSight Protection Suite for NERC CIP Compliance is modular and can be deployed collectively or in phases. For more information click here.