nCircle Enables Compliance With NERC CIP Auditing

Dec. 22, 2008
nCircle has announced new security and configuration policies designed to help electric utilities comply with the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards.

nCircle has announced new security and configuration policies designed to help electric utilities comply with the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards. Mapped directly to the NERC CIP standards, these policies help utilities with critical infrastructure, to automate previously manual and time consuming audit tasks, reduce security risk and achieve compliance with the NERC CIP standards.

Reliability is the number one concern for the electric utility industry, and the effect of Internet connectivity on the security of our critical infrastructure has created additional complexity and challenges. NERC addressed these challenges by creating the Critical Infrastructure Protection (CIP) cyber security standards, providing a way to consistently audit electric utility organizations for cyber security weaknesses. nCircle's solutions deliver automated, agentless configuration and policy auditing, vulnerability assessment, and actionable reporting for NERC CIP compliance. The new policies enable utilities to continuously audit the configurations of their critical infrastructure and easily identify deviations from the NERC CIP standards.

"nCircle continues to develop new solutions enabling our customers to audit their IT assets automatically, continuously and consistently," said Tim Keanini, CTO, nCircle. "Our new NERC CIP policies expand on nCircle's already industry-leading coverage, simplifying NERC CIP compliance processes and ensuring the reliability of the critical utility infrastructure."

The new policies are delivered in nCircle Configuration Compliance Manager, nCircle's agentless configuration auditing solution that automates configuration auditing, change monitoring and compliance processes. In addition to the new NERC CIP policies, Configuration Compliance Manager also supports a port scanning mode specifically for highly sensitive devices, such as Supervisory Control And Data Acquisition (SCADA) systems. This unique, non-intrusive and lightweight approach is ideal for these critical utility systems.

Voice your opinion!

To join the conversation, and become an exclusive member of T&D World, create an account today!