Talk With an Expert

A Zero-Trust User Access Model Can Expedite Compliance with New Looming NERC CIP Regulations

  • Tue, Jul 30, 2024
  • 1:00PM - 2:00PM UTC
  • English
  • Jason Dely, Enrique Martinez & Bill Moore
  • Technical Presentation
Webcast Hero

Introduction to NERC CIP-003-9 Requirements:

  • Overview of the NERC CIP-003-9 standards with a focus on access control and management
  • Explanation of the April 2026 deadline implications for power generation asset owners.

NERC CIP-003-9 Elements:

  • Secure Access Control: Ensures compliance by providing secure, context-aware access to critical cyber assets.
  • Identity Verification: Advanced user authentication aligns with NERC’s requirements for identity and access management.
  • Monitoring and Logging: Continuous monitoring and detailed logging capabilities support incident response and recovery plans as required by NERC.
  • Remote Access Management: Secure, controlled remote access aligns with NERC’s mandates for remote access management.
  • Configuration Management: Helps maintain information about hardware and software configurations, ensuring compliance with NERC’s asset management requirements.

Case Study and Implementation Strategy:

  • Example of successful implementation with power generation OEM.
  • Strategic recommendations for meeting the 2026 deadline.

Conclusion:

  • Summary of capabilities in ensuring NERC CIP-003-9 compliance.
  • Final thoughts on enhancing overall cybersecurity posture through zero-trust security.
  • This session will equip asset owners with the knowledge and tools to efficiently transition to a compliant and secure infrastructure and meet NERC CIP-003-9.

Meet the speakers