Find White Papers
Home About Contact Help
Free Membership Member Login
Nov 20, 2008
View Popular Research Browse Topics Find Business Solutions RSS Feeds List Your Research
Search the Library                  Advanced Search

NERC CIP Compliance

LogRhythm
By : LogRhythm
INFORMATION
Published : Aug 03, 2008
Length : 9
Type : White Paper
 
Download Now
Save for Later
  Email This Page
Overview :
The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to “ensure that the bulk electric system in North America is reliable, adequate and secure.”  The Critical Infrastructure Protection (CIP) Cyber Security Standards maintained by NERC are intended to ensure the protection of the Critical Cyber Assets that control or effect the reliability of North America’s bulk electric systems.  In 2006,the Federal Energy Regulatory Commission (FERC) approved the Security and Reliability standards proposed by NERC, making the CIP Cyber Security Standards mandatory and enforceable across all users, owners and operators of the bulk-power system.

Get the facts you need to know about how the collection, management and analysis of log data are integral to meeting many NERC CIP requirements.
View All Items By This Company
Browse Related Categories :

Enterprise Applications

,

HIPAA Compliance

,

PCI Compliance

,

Sarbanes Oxley Compliance

,

Security
 
The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to “ensure that the bulk electric system in North America is reliable, adequate and secure.” As the federally designated Electric Reliability Organization (ERO) in North America, NERC maintains comprehensive reliability standards that define requirements for planning and operating the collective bulk power system. Among these are the Critical Infrastructure Protection (CIP) Cyber Security Standards, which are intended to ensure the protection of the Critical Cyber Assets that control or effect the reliability of North America’s bulk electric systems.

In 2006, the Federal Energy Regulatory Commission (FERC) approved the Security and Reliability Standards proposed by NERC, making the CIP Cyber Security Standards mandatory and enforceable across all users, owners and operators of the bulk-power system. After going into effect in June 2006, initial compliance auditing began in June 2007.

The collection, management, and analysis of log data are integral to meeting many NERC CIP requirements. IT
environments consist of heterogeneous devices, systems, and applications all reporting log data. Millions of individual log entries can be generated daily if not hourly. The task of assembling this information can be overwhelming in itself. The additional requirements of analyzing and reporting on log data render manual processes or homegrown remedies inadequate and costly.

LogRhythm has extensive experience in helping organizations improve their overall security and compliance posture while reducing costs. Log collection, archive, and recovery are fully automated across the entire IT
infrastructure. LogRhythm automatically performs the first level of log analysis. Log data is categorized, identified, and normalized for easy analysis and reporting. LogRhythm’s powerful alerting capability automatically identifies the most critical issues and notifies relevant personnel. LogRhythm’s out-of-the box
NERC CIP reporting package ensures you meet your reporting requirements.

The CIP 002-009 Standards provides the minimum requirements of the NERC CIP Cyber Security Standards. The
remainder of this paper lists the applicable CIP standards that LogRhythm is directly aligned with. For each
requirement, an explanation of how LogRhythm supports compliance is provided.
Search the Library                  Advanced Search
Today's Popular Reports This Weeks Most Popular Reports Most Popular Topics Vendor Directory Home
About Us Contact Us List Your Papers Partner With Us Site Map