As part of the NERC CIP Compliance Package, the enterprise assets are categorized according to NERC CIP-002-1 Critical Cyber Asset Identification standards:
- Electronic security perimeter
- Incident reporting and planning
- Critical cyber assets
- Malware systems
- Vulnerability detection
- Disposal logs
- Patch compliance
Millions of individual log entries can be generated daily, if not hourly. The task of assembling this information can be overwhelming in itself. The additional requirements of analyzing and reporting on log data render manual processes or home-grown remedies ineffective and cost-prohibitive.
A fundamental component of an effective NERC CIP strategy is an automated log management and SIEM platform providing enterprise-class capabilities for security, operations and compliance requirements.
NERC CIP Requirements
The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to “ensure that the bulk electric system in North America is reliable, adequate and secure.”
As the federally designated Electric Reliability Organization (ERO) in North America, NERC maintains comprehensive reliability standards that define requirements for planning and operating the collective bulk power system. Among these are the Critical Infrastructure Protection (CIP) Cyber Security Standards, which are intended to ensure the protection of the Critical Cyber Assets that control or affect the reliability of North America’s bulk electric systems.
In 2006, the Federal Energy Regulatory Commission (FERC) approved the Security and Reliability Standards proposed by NERC, making the CIP Cyber Security Standards mandatory and enforceable across all users, owners and operators of the bulk power system. The standards went into effect in June 2006, and initial compliance auditing began in June 2007.
NERC CIP Solution Summary
LogRhythm has extensive experience in helping organizations improve their overall security and compliance posture while reducing costs. Log collection, archive and recovery are fully automated across the entire IT infrastructure.
LogRhythm automatically performs the first level of log analysis. Log data is categorized, identified and normalized for easy analysis and reporting. LogRhythm’s powerful alerting capability automatically identifies the most critical issues and notifies relevant personnel.