Season 2 Episode #7 | NERC CIP and ISO 27001
The energy industry is a critical infrastructure that is core to our business operations, safety and comfort and general well-being. With the growing use of technology at the edge of the grid and the widespread use of communications networks to transport data used for situational awareness and near-real-time operational control, these innovations bring both opportunities for greater detailed information, but also potentially exposes the enterprise to greater threat surfaces. While many of the current standards within our industry focus on physical security measures, standards such as ISO 27001 go well beyond implementing technical safeguard measures. It provides a framework for policy and protection to achieve business objectives for information security, establishes policies on control and expectations, allocates resources to enforce this, and regularly reviews the efficacy of the plans. This has become even more acute as utilities are now faced with a “brave new world” with remote workers. How does this now impact how we will operate in the future and what will be our new standard of operation? Tune in as host Ron Chebra interviews Brian Smith, cybersecurity expert with EnerNex, and John Verry, CISO of Pivot Point Security, on cyber protection, remote access and information assurance.