Cyber Wiki: Difference between revisions

From CyberWiki
Jump to navigation Jump to search
 
(20 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Welcome to the EPRI Cyber Security for Generation Assets CyberWiki ==
== Welcome to the Cyber Security for Electric Power Generation CyberWiki ==
Welcome to the main page of the Electric Power Research Institute's CyberWiki, a wiki-style hub for cyber security research at EPRI, with a focus on operational technology in power generation. CyberWiki was built using the MediaWiki engine to be an extensible and dynamic educational and knowledge dissemination tool. It supplements the published content that is accessible through the EPRI website, or through each program's cockpit, by providing a flexible, web-based content delivery solution for projects that can benefit from the ability to easily update and add content as a project progresses. EPRI members can log in to access additional content through the EPRI Cyber Security for Generation Assets homepage.
Welcome to the main page of the Electric Power Research Institute's CyberWiki, a wiki-style hub for cyber security research at EPRI, with a focus on operational technology in power generation. CyberWiki was built using the MediaWiki engine to be an extensible and dynamic educational and knowledge dissemination tool. It supplements the published content that is accessible through the EPRI website, or through each program's cockpit, by providing a flexible, web-based content delivery solution for projects that can benefit from the ability to easily update and add content as a project progresses. EPRI members can log in to access additional content through the EPRI Cyber Security for Generation Assets homepage.


== Overview ==
== Overview ==
ERPI’s Cyber Security for Generation Assets Program (P209) performed research and development to improve the security, safety, and resiliency of power generation facilities.  The program addresses strategic focus areas including:
ERPI’s Cyber Security for Generation Assets Program (P209) performed research and development to improve the security, safety, and resiliency of power generation facilities.  The program addresses strategic focus areas including:
*[https://cyberwikitest.epri.com/Protect Protection] Technologies, Tools, and Guides
*[[Protect|Protection]] Technologies, Tools, and Guides
*[https://cyberwikitest.epri.com/Detect Detection] Technologies, Tools, and Guides
*[[Detect|Detection]] Technologies, Tools, and Guides
*[https://cyberwikitest.epri.com/Respond_Recover Response and Recovery] Technologies, Tools, and Guides
*[[Respond_Recover|Response and Recovery]] Technologies, Tools, and Guides
*[https://cyberwikitest.epri.com/Emerging_Technology Emerging Technology] Industry-specific technology use cases, guidance, Testing, and Development.  
*[[Process|Process and Integration]], Regulatory Impacts, Workforce Development, Training, and GRC
*[https://cyberwikitest.epri.com/Changing_Threats Changing Threat Landscape] Impacts to Power System Security
*[[Emerging_Technology|Emerging Technology]] Industry-specific technology use cases, guidance, Testing, and Development.  
*[https://cyberwikitest.epri.com/Process Process and Integration], Regulatory Impacts, Workforce Development, Training, and GRC
*Changing Threat Landscape
*Industry Collaboration and Benchmarking
*Industry Collaboration and Benchmarking
The CyberWiki also includes industry [https://cyberwikitest.epri.com/Terms definitions, terms], [https://cyberwikitest.epri.com/Standards standards, and regulations].
== Summary of Key Topics and Resources ==
Here you will find a summary listing of resource areas and key topics.  Published EPRI resources are listed by topic (separate login and access required).  Executive summaries and key facts and considerations are linked.
{| class="wikitable"
! Topic
! Description
! Resources
|-
| Changing Threat Landscape
| Cyber security threats evolve and impacts strategy, OT technology, and defensive tools.
| [http://espn.com Title of R&D with Link] <br> [https://google.com R&D Title EPSN]
|-
| Industry Standards and Regulation
| Cyber security focusses on risk reduction. Regulatory standards mandate minimum expectations. Multiple security standards and framework are used worldwide and can align strategies with common terms and expectations.
| [https://weather.com Title of R&D Link] <br> [https://cnn.com Title of R&D Link]
|-
| Definitions and Terms
|
|
|-
! colspan="3" | Process and Integration
|-
| Governance, Risk, and Compliance
| Governance, Risk, and Compliance (GRC) addresses….
|
|-
| Program Development
|
|
|-
| Workforce Development
|
|
|-
| Supply Chain
|
|
|-
! colspan="3" | Protection
|-
| Security Architectures and Segmentation
|
|
|-
| Vulnerability Management
|
|
|-
| Hardening
|
|
|-
| Secure Remote Access
|
|
|-
| Transient Cyber Assets and Removable Media
|
|
|-
| Identity and Access Management
|
|
|-
! colspan="3" | Detection
|-
| Real-Time Detection
|
|
|-
| Scanning
|
|
|-
| Security Event Monitoring
|
|
|-
! colspan="3" | Response and Recovery
|-
| Incident Response Program
|
|
|-
| Incident Response Playbooks
|
|
|-
| Disaster Recovery Plans
|
|
|-
| Scenarios and Training
|
|
|-
| Backup and Recovery
|
|
|-
| Security Operations and Incident Classification
|
|
|-
! colspan="3" | Technology and Use Cases
|-
| Wireless Technology in Generation
|
|
|-
| IIOT, IOT, and Industry 4.0
|
|
|-
| Digital Worker
|
|
|-
| Artificial Intelligence
|
|
|-
| Quantum Computing
|
|
|-
| Software Bill of Materials
|
|
|-
| Control System Case Studies
|
|
|-
| Technical Assessment Methodology Case Studies
|
|
|}
{| class="wikitable"
! Topic
! Description
! Resources
|-
| Changing Threat Landscape
| Cyber security threats evolve and impacts strategy, OT technology, and defensive tools.
| [https://www.epri.com/research/programs/112046/results/3002014312 Quick Brief: Recent Russian Cyber Campaign Targeting the Electric Sector] <br> [https://www.epri.com/research/programs/112046/results/3002015259 Changing Threat Landscape Study Report: Generation Cyber Security—Trends Across Cyber Security Incidents at Industrial Facilities] <br> [https://www.epri.com/research/programs/112046/results/3002017849 Quick Brief: Awareness of Nation State Cyber Activity Targeting Critical Infrastructure] <br> [https://www.epri.com/research/programs/112046/results/3002017864 2020 OT Cyber Security Trends for Electric Utilities] <br> [https://www.epri.com/research/programs/112046/results/3002022287 Quick Brief: Critical Infrastructure Interdependencies on Generation Capacity—Managing Risk] <br> [https://www.epri.com/research/programs/112046/results/3002025919 Operational Technology (OT) Network Segmentation and Micro-Segmentation Strategies: An Evaluation of Segmentation Strategies in Generation Environments]
|-
| Industry Standards and Regulation
| Cyber security focusses on risk reduction. Regulatory standards mandate minimum expectations. Multiple security standards and framework are used worldwide and can align strategies with common terms and expectations.
| [https://weather.com Title of R&D Link] <br> [https://cnn.com Title of R&D Link]
|-
| Definitions and Terms
|
|
|-
! colspan="3" | Process and Integration
|-
| Governance, Risk, and Compliance
| Governance, Risk, and Compliance (GRC) addresses….
|
|-
| Program Development
|
|
|-
| Workforce Development
|
|
|-
| Supply Chain
|
|
|-
! colspan="3" | Protection
|-
| Security Architectures and Segmentation
|
|
|-
| Vulnerability Management
|
|
|-
| Hardening
|
|
|-
| Secure Remote Access
|
|
|-
| Transient Cyber Assets and Removable Media
|
|
|-
| Identity and Access Management
|
|
|-
! colspan="3" | Detection
|-
| Real-Time Detection
|
|
|-
| Scanning
|
|
|-
| Security Event Monitoring
|
|
|-
! colspan="3" | Response and Recovery
|-
| Incident Response Program
|
|
|-
| Incident Response Playbooks
|
|
|-
| Disaster Recovery Plans
|
|
|-
| Scenarios and Training
|
|
|-
| Backup and Recovery
|
|
|-
| Security Operations and Incident Classification
|
|
|-
! colspan="3" | Technology and Use Cases
|-
| Wireless Technology in Generation
|
|
|-
| IIOT, IOT, and Industry 4.0
|
|
|-
| Digital Worker
|
|
|-
| Artificial Intelligence
|
|
|-
| Quantum Computing
|
|
|-
| Software Bill of Materials
|
|
|-
| Control System Case Studies
|
|
|-
| Technical Assessment Methodology Case Studies
|
|
|}

Latest revision as of 19:38, 30 October 2024

Welcome to the Cyber Security for Electric Power Generation CyberWiki

Welcome to the main page of the Electric Power Research Institute's CyberWiki, a wiki-style hub for cyber security research at EPRI, with a focus on operational technology in power generation. CyberWiki was built using the MediaWiki engine to be an extensible and dynamic educational and knowledge dissemination tool. It supplements the published content that is accessible through the EPRI website, or through each program's cockpit, by providing a flexible, web-based content delivery solution for projects that can benefit from the ability to easily update and add content as a project progresses. EPRI members can log in to access additional content through the EPRI Cyber Security for Generation Assets homepage.

Overview

ERPI’s Cyber Security for Generation Assets Program (P209) performed research and development to improve the security, safety, and resiliency of power generation facilities. The program addresses strategic focus areas including:

Retrieved from "https://cyberwiki.epri.com/index.php?title=Cyber_Wiki&oldid=120"