Skip to main content
Solutions

Strengthen NERC CIP Compliance with Dragos Technology & Services

Leverage Dragos OT cybersecurity technology and expert services to comply with NERC CIP reliability standards for US electric utilities.

Request a Platform Demo
electric grid cyber security compliance with dragos platform. ot cyber security icons of electric grid

What is NERC CIP?

The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards are a set of requirements designed to protect critical infrastructure vital to the reliable operation of North America’s Bulk Electric System (BES) from cyber and physical security threats.

Why Choose Dragos for NERC CIP Compliance?

Implementing NERC CIP requirements can be challenging because of their complexity and rigorous compliance requirements across diverse operational environments.

vuln managementThe Dragos Platform enhances the cybersecurity posture in these critical environments through comprehensive asset and network visibility, threat detection, vulnerability management, and investigation and response.

a teal icon of a bug in a scope indicating threat huntingThe Dragos Platform integrates intelligence from our adversary threat hunters and service engagement findings.

Content updates are published weekly & provide the most comprehensive detections, up-to-date vulnerability guidance, and supporting operational technology (OT) cyber threat intelligence from Dragos’s WorldView research.

dragos servicesThe Dragos Services team offers expertise to help evaluate and mature OT security practices, and the Dragos

Threat Intelligence team delivers contextual awareness on new threats and vulnerabilities, empowering organizations to make informed decisions about their security posture.

Mapping Dragos Technology & Services to NERC CIP Requirements

Learn how the Dragos Platform can be utilized in a NERC CIP program, and how the Dragos Services
team can help fulfill requirements.

TopicStandardUse Case
BES Cyber System Categorization CIP-002Platform: The Dragos Platform employs passive monitoring techniques to observe and identify devices connected to the network.

Services: Architecture Reviews assist in understanding the most critical systems, essential network infrastructure, and the potential consequences of a cyberattack.
Security Management Controls CIP-003 SServices: Cybersecurity Program Maturity Reviews, such as Cybersecurity Capability Maturity Model (C2M2), evaluate an organization’s current cybersecurity posture, capabilities, and practices.
Personnel & Training CIP-004Community Resources: To satisfy requirements that individuals with access to critical assets are properly trained, Dragos supports NERC CIP customers with the following focused on OT cybersecurity for their personnel:
  • Dragos Academy
  • OT-CERT
  • Dragos Worldview
Electronic Security Perimeter(s) CIP-005Platform:
  • Dragos Sensors can be strategically placed in the environment to accommodate monitoring within the ESP and outside the ESP
  • The Dragos Platform can help entities identify external communications that may not be routed through an Electronic Asset Point (EAP)
  • The Dragos Platform identifies remote access session activities and visually depicts which connections are present over time.
Systems Security Management CIP-007Platform:
  • The Dragos Platform can be deployed for detecting malicious code, utilizing sensors in environments where traditional antivirus software cannot be installed
  • The Platform logs events and generates alerts for applicable cyber assets by detecting malicious code, successful login attempts, failed access attempts, and failed login attempts.
  • The Platform can help identify logical ports and the associated service name that have either initiated or received communications on Cyber Assets.
Incident Reporting and Response PlanningCIP-008Platform: Overall, the Dragos Platform enhances incident reporting and response planning by providing robust detection capabilities, centralized management, automated response workflows, forensic analysis tools, collaboration features, and support for continuous improvement.

Services:
  • Rapid Response Retainers
  • Tabletop Exercises
  • Incident Response Plan Development Workshop
  • Dragos OT Watch
Recovery Plans for BES Cyber Systems CIP-009Services:
  • Rapid Response Retainers
  • Tabletop Exercises
  • Incident Response Plan Development Workshop
Configuration Change Management and Vulnerability Assessments CIP-010Platform:
  • The Dragos Platform enables organizations to develop baseline configurations for OT devices based on CIDR, zone, asset type, and more.
  • The Dragos Platform conducts passive vulnerability assessments on identified assets.
  • The Dragos Platform features a specialized NERC CIP dashboard designed to support customers.

Services: Network Vulnerability Assessments assess the current landscape’s risk and evaluate the effectiveness of existing technical security controls, proposing enhancements for the future.
Communications between Control Centers CIP-012Platform: The Dragos Platform can quickly identify
unencrypted communication protocols in use if the responsible entity is utilizing encryption between control centers
Internal Network Security Monitoring CIP-015Platform:

  • The Dragos Platform enables organizations to develop baseline configurations of their network traffic inside trusted zones.
  • The Baseline feature detects deviations in assets, including non-baselined communications and protocols.
  • The Dragos Platform employs passive monitoring techniques to detect and evaluate anomalous network activity.
  • The Dragos Platform conducts passive monitoring on identified assets.
  • The Dragos Platform detects and alerts on threat behaviors, which are known adversary tradecraft and TTPs relevant to the OT environment.
Services: Dragos can conduct a Sensor Placement Study to analyze and provide recommendations for proper Dragos Sensor placement.

Download the NERC CIP Mapping Guide

Discover how the Dragos Platform and Services support compliance to NERC CIP reliability standards for critical industrial infrastructure.

Download Now

Cyber threats don’t wait

Wherever you are in your cybersecurity journey we’re here to help you take the next step in auditing and adhering to industry compliance requirements.