FERC/NERC COMPLIANCE

 


What is FERC/NERC?

The NERC (North American Electric Reliability Corporation) is a self-regulatory body responsible for ensuring energy industry compliance with Critical Infrastructure Protection (CIP) standards. These rules require organizations that deliver bulk electricity to the North American electrical power grid to identify and protect critical cyber assets. FERC (Federal Energy Regulatory Commission) oversees the power industry, but gives NERC the responsibility for maintaining and complying with CIP standards.

 

Bulk power suppliers must define methods, processes, and procedures for securing critical cyber assets, as well as the non-critical cyber assets within the electronic security perimeter. "Cyber assets" are loosely defined as all "programmable electronic devices and communication networks including hardware, software, and data."


Basic rules on FERC/NERC compliance:

 
  • Continuously monitor electronic access to critical cyber assets
  • Create and maintain a cyber security policy
  • Maintain documentation of the security perimeter, all interconnected cyber assets, and all electronic access points
  • Identify and implement electronic access controls for access to critical cyber assets within the electronic security perimeter, maintain documentation of the electronic access controls, and update that documentation at least annually
  • Protect information associated with critical cyber assets, plus policies and practices used to keep them secure
  • Establish system management policies and procedures for configuring and securing critical cyber assets
  • Document electronic incident response actions, including roles and responsibilities assigned by individual or job function.

GTB’s Data Loss Prevention solutions provide comprehensive NERC CIP data loss prevention for any energy company, utility or independent system operator that must protect its valuable cyber assets. Advantages include:

 

Detection Accuracy:  GTB’s AccuMatch™ detection suite, recognized as having the highest accuracy in the industry . 

Monitor and prevent sensitive data usage – Network & Endpoint: GTB Technologies provides the ability to monitor and block data loss on ANY PROTOCOL (including email, IM, Web, Secure Web (HTTP over SSL), FTP, P2P, and generic TCP. Endpoint protection includes storage devices such as USB drives, CD/DVDs, etc. 

Internal controls: GTB Technologies allows organizations to demonstrate internal controls to comply with FERC/NERC requirements.  These requirements mandate the establishment, documentation, and maintenance of electronic access to critical cyber assets.

Download GTB DLP Solution
Brochure
 
10/07/2009
Organizations that deployed DLP solutions from competitors are unhappy
07/27/2009
Network World Confirms:
GTB Inspector is the ONLY DLP solution with 100% Accuracy

07/13/2009

GTB Inspector for Large Enterprise provides complete Data Loss Prevention

03/10/2009

GTB Technologies, the Data Loss Prevention leader, Posts Record Sales  

10/07/2008

GTB Technologies announces availability of GTB SDK

07/15/2008

GTB Technologies announces virtual version of its Data Leak Prevention system for SMBs
More News

 

GTB Technologies, Inc.
5000 Birch St. Suite 3000
Newport Beach, CA 92660
Toll Free Number: (800) 507-9926
Telephone : (714) 545-0111
info@gttb.com


Contact us now to learn more and to get a free trial of the GTB Inspector!

 
Copyright GTB Technologies 2009. All rights reserved.