E-ISAC partners with DOE to include operational technology pilots in cybersecurity program

Published on December 02, 2020 by Chris Galford

© Shutterstock

As part of an expansion of the Cybersecurity Risk Information Sharing Program (CRISP), the North American Reliability Corporation’s (NERC) Electricity Information Sharing and Analysis Center (E-ISAC) is partnering with the U.S. Department of Energy (DOE) on two operational technology pilots.

These new pilots will use operational technology sensors to identify abnormal or possibly malicious cyber behavior and pursue cybersecurity insights from analysis of both CRISP data and operational technology data from a real-time network breach detection program that is a cooperative effort of DOE and the National Rural Electric Cooperative Association (NRECA). Both seek to counter cyber threats to utilities’ industrial control systems through data.

“The CRISP operational technology pilots are an important advance in E-ISAC capabilities and reflect a maturation of our partnership with DOE,” Frank Honkus, E-ISAC associate director of intelligence programs and CRISP Manager, said. “These pilots will help the E-ISAC meet its core responsibility of advising utilities on the detection and mitigation of industrial control system threats from the most advanced and persistent international adversaries.”

Beyond these pilots, E-ISAC has also joined forces with the Pacific Northwest National Laboratory (PNNL) to improve CRISP with a new information technology project and could help detect both abnormal and malicious activity on utilities’ business networks. It is through an agreement with PNNL that E-ISAC manages CRISP. PNNL installs network monitoring equipment at participating utilities and supports CRISP analyses produced for asset owners and operators.