Cybersecurity Challenges as Learned Working with NERC CIP Requirements
Slide archives are not available for this presentation.
NERC CIP is regarded as the most rigorous set of cybersecurity compliance requirements within any vertical. This presentation will discuss the implementation challenges of complying with the current NERC CIP versions 1-3 and future versions within control centers, transmission substations, and generating facilities.
Matthew E. Luallen is a renowned instructor and author, and co-founder of Encari. As the principal technical consultant at Encari, he has advised numerous federal agencies, financial institutions, electric utilities, law enforcement, and national testing laboratories about best practices on identifying and mitigating cyber security control vulnerabilities of business information and industrial control systems. Mr. Luallen has written, consulted, and trained extensively on process control and SCADA security issues. He performed groundbreaking work with utilities and regional reliability organizations on compliance with NERC’s Urgent Action Cyber Security Standard 1200 (UA 1200), and in recent years has continued to contribute to the development of the NERC CIP Reliability Standards. With respect to his NERC CIP consulting practice, he has performed gap analyses and developed and implemented remediation strategies across all of the CIP Standards for a wide variety of devices deemed as Critical Cyber Assets. Prior to founding Encari, Mr. Luallen provided strategic guidance for Argonne National Laboratory as member of its Information Architecture and Cyber Security Program Office. Mr. Luallen is a graduate of the National Technological University with a Master's Degree in Computer Science. He also holds a Bachelor of Science degree in Industrial Engineering from the University of Illinois at Urbana-Champaign.
The seminar series is presented by the Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) Project, an $18 million multi-university research effort whose partner institutions include the University of Illinois at Urbana-Champaign, Arizona State University, Dartmouth, and Washington State University. The TCIPG Project, a successor to the earlier NSF-funded TCIP Center, was founded in 2009 with support from the U.S. Department of Energy and the U.S. Department of Homeland Security. It is housed in the Information Trust Institute, University of Illinois at Urbana-Champaign.