Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Product integration for critical infrastructure protection compliance

Tripwire Inc : 14 March, 2014  (New Product)
Suite of products available from Tripwire enabling utility companies to achieve compliance with NERC Critical Infrastructure Protection
Product integration for critical infrastructure protection compliance

Tripwire has announced the integration of Tripwire IP360 into their NERC Solution Suite version 2.0, a powerful combination of customized tools and services designed to help utilities automate, achieve and maintain compliance with all approved versions of North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP).

The NERC CIP is a set of requirements designed to secure the assets required for operating North America's bulk electrical system (BES). The recently updated plan consists of ten standards and 32 requirements that cover the security of electronic perimeters, the protection of critical cyber assets, security management, personnel training and disaster recovery planning. Organizations with NERC CIP compliance violations can be fined up to $1 million per day, and over the past four years, NERC CIP fines have totaled more than $150 million.

Achieving and maintaining compliance with new versions of NERC CIP requires continuous monitoring of critical assets as well as periodic collection of detailed audit evidence. The steps necessary to pass NERC CIP audits can be extremely time consuming, are often done manually and can be error-prone. New requirements in NERC CIP version 5 include security configuration change management, vulnerability management for BES Cyber Assets, and information protection, making the compliance process for BES organizations even more complex.

The NERC Solution Suite combines Tripwire Enterprise, Tripwire IP360 and Tripwire Log Center, award-winning security configuration management, vulnerability management and incident detection solutions. The solution also includes specialized intelligence including policy rules, correlation rules, tools, templates, customized reports and dashboards derived through work with over 100 NERC Registered Entities and the NERC Regional Auditor community. Together with customized services from NERC-experienced consultants, the NERC Solution Suite dramatically reduces the time and resources required to pass NERC CIP audits and minimize audit findings.

Key features include:

* Auto-discovery of all BES Cyber Assets, including hardware and software to ensure all critical assets are protected.
* Continuous monitoring that rapidly detects detailed status information across a wide range of critical cyber assets, from computer systems and network devices to SCADA and other industrial control systems to identify early indications of breach activity.
* Whitelisting capability for monitoring ports, services, software versions, and local user credentials.
* Audit-ready reports and dashboards that deliver evidence of compliance conveniently grouped by CIP requirement.

“The expanded coverage of all approved CIP requirements in the new version of the Tripwire NERC Solution Suite enhances our customers’ ability to improve power generation and transmission reliability by automating the audit process,” said Jeff Simon, director of service solutions at Tripwire. “Our extensive NERC-specific reports and dashboards in combination with our deep domain expertise help us deliver customized solutions for clients working toward CIP versions three and five compliance as well as stronger cybersecurity.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo