We understand that protecting national critical infrastructure like the national electrical grid is a priority for virtually all utilities, energy providers and government agencies. When it comes to NERC (North American Electric Reliability Corporation) it maintains a set of cybersecurity standards for Critical Infrastructure Protection (CIP).
For example, NERC Standards CIP-002-3 through CIP-009-3 set forth a cybersecurity framework to identify and protect critical cyberassets of the bulk electric system. Threats from hackers and cyberterrorists, both perceived and real, legislative mandates with the promise of fines for non-compliance, and the opportunity to upgrade network infrastructure are all driving compliance with NERC CIP.
Mosaic451 Helps You Achieve NERC CIP Compliance
NERC CIP compliance efforts can be optimized when combined with automation and control updates to infrastructure, to meet compliance as well as smart grid and intelligent utility objectives.
Mosaic451 Managed Security Services and Security Consulting Services can assist organizations with NERC CIP compliance and the protection of critical cyberassets.
Mosaic451 services help energy and utility organizations with:
Assess and Measure Gaps NERC CIP risk assessments performed by experienced, certified security professionals experienced in dealing with new and legacy industrial control environments; prioritized and actionable recommendations; peer benchmarking. Remediate and Enhance Experienced, certified security professionals, security program, policy,and procedures design, services, tools and process implementation.
Execute and Monitor NERC CIP compliant Log Monitoring, Log Management, Vulnerability Management and Security Device Management. Demonstrate Compliance Standard and customizable reporting, secure evidence repository for all NERC CIP compliance related assessments, results and reports; integrated ticketing with assignment, tracking, and journaling.
A track record of delivering managed and security consulting services that meet NERC CIP requirements A staff of experienced, certified security and compliance professionals Participation in utility industry and regional groups Proven Managed Security Services and Security Consulting Services Certified security experts (HITRUST CSF, CISSP, CISA, CISM, GCIA, CSOA, QSA and others)
Compliance Activity Mosaic451 Services / Capabilities Regulatory Mapping Assess and Measure Gaps Security Consulting services; certified security professionals CIP-002-3, CIP-003-3, CIP-004-3 Remediation and Enhancement Security Consulting Services; certified security professionals; authorized partner consulting services CIP-003-3, CIP-007-3, CIP-008-3, CIP-009-3 Execute and Monitor Security Program Log Monitoring; Log Management; Vulnerability Management; Security Device Management; authorized partner consulting services CIP-002-3, CIP-003-3, CIP-005-3, CIP-007-3, CIP-008-3, CIP-009-3 Demonstrate Compliance Evidence Repository; security and compliance reporting; Security Consulting Services CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-007-3, CIP-008-3, CIP-009-3