NIST Cybersecurity Practice Guide, Special Publication 1800-7: “Situational Awareness for Electric Utilities”
The NCCoE released a draft of the NIST Cybersecurity Practice Guide, SP 1800-7 “Situational Awareness for Electric Utilities” on February 16, 2017. Public comments on the draft will be expected through April 17, 2017. Submit your comments.
For ease of use, the guide is available in volumes:
- SP 1800-7a: Executive Summary (PDF) (web page)
- SP 1800-7b: Approach, Architecture, and Security Characteristics (PDF) (web page)
- SP 1800-7c: How-To Guides (PDF) (web page)
View the complete guide as a PDF or web page.
See the two-page fact sheet or the Situational Awarness Project Description (PDF) for additional information.
Summary
To improve the security of information and operational technology, including industrial control systems, energy companies need mechanisms to capture, transmit, analyze and store real-time or near-real-time data from these networks and systems. With such mechanisms in place, energy providers can more readily detect and remediate anomalous conditions, investigate the chain of events that led to the anomalies, and share findings with other energy companies. Obtaining real-time and near-real-time data from networks also has the benefit of helping to demonstrate compliance with information security standards.