Tripwire’s NERC Solution Helps Power Companies Mitigate Cyber Security Risks

Tripwire, the leading provider of configuration control for virtual and physical infrastructures, announced its support for policies set by the North American Electric Reliability Corporation (NERC). Tripwire helps users, owners, and operators of the bulk power system to manage security threats, avoid penalties and provide automated compliance to NERC technology-related policies, which are very difficult and resource intensive to implement manually.

IT organizations within utilities must comply with the Critical Infrastructure Protection (CIP) Cyber Security Standards set down by NERC. These require power entities to implement prescriptive, secure configurations as well as continuously audit their infrastructure for changes.

Major power outages in the last decade — and mounting internal and external security threats — have clarified the need for utilities to ensure their systems are continuously available and secure. While these organizations recognize an inherent need to ensure their systems are always available and secure, as with any security regulation, penalties for non-compliance are stiff: utilities audited and found out of compliance will be charged up to $1 million per day per infraction.

Tripwire Enterprise Addresses NERC

Tripwire helps ensure that configurations continuously meet CIP Cyber Security requirements, while providing the required audit trail for changes. In fact, only Tripwire combines powerful configuration assessment against NERC policies with the continuous compliance of change auditing. These two powerful technologies work together to ensure that your organization remains secure and NERC-compliant at all times — regardless of when your next audit might be.

Tripwire Enterprise helps automate the requirements and sub-requirements in CIP 005, CIP 007, and CIP 003-6. Tripwire minimizes human error, automates repetitive tasks requiring minimal manual effort, and gives you continuous confidence in the security and compliance of your critical systems.