AlertEnterprise NERC CIP Compliance Automation with Active Policy Enforcement

Overview

Requirements for NERC CIP compliance continue to grow more complex as just controls documentation solutions alone cannot guarantee security. The combination of IT Security for cyber critical assets, the creation of electronic security perimeters and tracking physical access to critical assets for employees and contractors, even after they have been terminated, poses a daunting challenge for most security teams. The AlertEnterprise NERC CIP Solution delivers a unique risk management capability that aggregates blended threats from IT systems, Physical Access Control Systems and Critical Control Systems and uncovers previously undetectable risks. By analyzing and correlating all networked access events and integrating data from HR applications, AlertEnterprise ensures that critical infrastructure access is denied for those who would pose an intentional or unintentional threat.  

True Security = Compliance + Active Policy Enforcement

AlertEnterprise goes one step further and enables security, risk and compliance professionals within the organization to not only detect and identify compliance violations, but to remediate them in real time. This unique capability to remove physical access to systems and facilities with a single click, or invoke mitigating controls like additional video surveillance or proximity tracking is a result of a capability known as Active Policy Enforcement. Compliance combined with Active Policy Enforcement that extends across IT security, Physical Security and Industrial Controls is the only way to ensure true security.

AlertEnterprise delivers a complete command and control dashboard to effectively address the critical areas of NERC CIP compliance. The Solution incorporates effective controls and security protocols to help automate compliance and improve efficiency. AlertEnterprise enhances security while ensuring compliance by expanding to cover Critical Assets, Security Management, Controls, Personnel and Training, Electronic Security Perimeter, Physical Security of CAs, System Security Management, Incident Response Management, and Recovery Planning.

Solution Features

Compliance Management

• Provides complete NERCCIP compliance and documentation (CIP 002 –CIP 009)
• Multi‐regulation support for Sox, PCI, NIST SP 800 etc.
• Pre‐audit self assessments, gap analysis and audit reporting

Critical Asset Discovery, Risk Modeling

• Discover and identify assets and associated criticality
• Visual modeling of risks related to critical assets
• Ability to aggregate technical controls from security automation tools (scanners, IAM, CMDBs and SIEM)
• Application Security risks from ERP systems, HR applications and Financial Systems
• Assimilate and reconcile penetration test reports, physical security logs and IT security logs
• Aggregating threats and vulnerabilities from control systems, SCADA and DCS systems.
• Electronic Security Perimeter – monitor physical and system access
• Reconcile risks against data from external data feeds (NVD, iDefense and DHS NIPP ES‐ISAC)
  

Cyber Security Risk Management

• Active policy‐enforcement with exception management
  
• Powerful visual remediation and risk‐led response capabilities
• Comprehensive risk assessment (IT, Physical and Control Systems) and audit reporting
• Reconcile policy‐compliant IT user access with pre‐integrated access to PACS
• Automated integration of background checks and certification data
• Incident Management and Automated Remedial Action Scripts (RAS)
• Integrate with existing BCP/DR applications (e.g. Strohl etc.)

Benefits

• End to End Solution - Total compliance management for NERC‐CIP (CIP 002 to CIP 009).
• Security Convergence – Interactive mapping of Critical Assets and Cyber Assets to IT Security Controls and Physical Access Controls.
  
• Management-Oversight - Powerful risk modeling showing compliance violations, control system risks, IT security gaps and physical access risks complete with geo‐spatial context.
• Automated Remediation – Effectively Detect, Mitigate and Prevent security incidents with or without human intervention; Minimize property and human loss during stress situations.
• Automated Workflow – Automate notifications, delegations, certification; incorporate process flows throughout the organization
• Configurable and Flexible – Adaptable Rule Engine allows for custom rule sets, business-oriented processes
• Drive Increased Efficiency - Eliminate costly testing and re‐testing of controls for internal assessments, compliance testing and audit purposes