•  
Siemens: RuggedCom RSG2488 New Timing CapabilitiesAdvertisement
BACK SEND PRINT

Guidelines for Planning an Integrated Security Operations Center



The EPRI Cyber Security team published a report titled, “Guidelines for Planning an Integrated Security Operations Center.”

This report describes strategies and guidelines for utilities to plan and implement an Integrated Security Operations Center (ISOC) that includes corporate systems, control systems and physical security. Currently, multiple groups and operators independently gather and analyze information from a datacenter, workstation networks, physical security, supervisory control and data acquisition (SCADA) systems, energy management systems (EMS), historians, and field equipment. Data is also collected and analyzed from Computer Emergency Readiness Teams (CERTs) and Information Sharing and Analysis Centers (ISACs). Correlating this data to find suspicious activity can be extremely challenging and often only occurs long after an incident happens. 

An ISOC is designed to collect, integrate, and analyze alarms and logs from these traditionally siloed organizations, providing much greater situational awareness to the utility’s security team. Additionally, an ISOC allows utilities to transition to an intelligence-driven approach to incident management, which is much more effective for handling advanced threats. Because of these advantages, creating an ISOC may provide significant value to utilities. However, building an ISOC requires significant technical resources, staff, and time.

This research focuses on the initial steps in the process of setting up an ISOC: developing the business case, potential organizational challenges, tradeoffs for different ISOC architectures, and planning the implementation process. These results are based on current research, engagement with utilities, and an examination of ISOC implementations outside of the electric sector.

Three takeaways from this report are:

  • Strong executive support is critical to the success of an ISOC deployment
  • Organizational challenges to integrating security functions can exceed the technical challenges
  • There is not a ‘one size fits all’ approach to designing an ISOC


For more information :

Organization:
Electric Power Research Institute (EPRI)
Address:
3420 Hillview Avenue
Palo Alto, California
United States, 94304
www.epri.com

Contact person:

Don Kintner
Communications Manager
Tel: 704-595-2506
E-mail: dkintner@epri.com


Link http://www.electricenergyonline.com/detail_news.php?ID=470767
BACK SEND PRINT
Most consulted news
White Papers

Contact us

Jaguar Expo Inc
1160 rue Levis, Suite 100
Terrebonne (Quebec) J6W 5S6

Tel.: 450-471-0796
Toll free: 888-332-3749
Fax: 450-471-5443 . 888-243-4562

info@electricenergyonline.com
www.electricenergyonline.com

  Press

  Jobs

  Events

  Subscription

  News

  Magazine

  News on your smartphone

© 2014, Jaguar Media inc. All rights reserved. 1996-2014