Draft2:Cybersecurity Risk Information Sharing Program: Difference between revisions
>Tomoneill (CESER) |
m (1 revision imported) |
(No difference)
| |
Latest revision as of 21:28, 2 December 2024
The Cybersecurity Risk Information Sharing Program (CRISP) is a public-private partnership, co-funded by DOE and industry and managed by the Electricity Information Sharing and Analysis Center (E-ISAC).
CRISP participants provide power to over 75 percent of the total number of continental U.S. electricity subsector customers.
The program was created by the Office of Cybersecurity, Energy Security, and Emergency Response.
Mission
CRISP aims to capture data from supervisory control and data acquisition (SCADA) and industrial control systems (ICS) and use it to monitor for potential intrusions and strengthen grid security.
Purpose
The purpose of CRISP is to collaborate with energy sector partners to facilitate the timely bi-directional sharing of unclassified and classified threat information and to develop situational awareness tools that enhance the sector's ability to identify, prioritize, and coordinate the protection of critical infrastructure and key resources. CRISP leverages advanced sensors and threat analysis techniques developed by DOE along with DOE’s expertise as part of the nation’s Intelligence Community to better inform the energy sector of the high-level cyber risks.
Factions
CRISP receives data related to network traffic at or near the Internet perimeter that is voluntarily shared by electric power participants, collates technical analysis, and identifies indicators of compromise (IOCs). CRISP participants and their information are anonymized and kept confidential. The program also leverages subject matter experts and resources from the E-ISAC, Pacific Northwest National Laboratory (PNNL) and the Argonne National Laboratory (ANL). Partners in Situational Awareness
Together, this team of experts works with the participants to do the following:
- Install a passive information sharing device (ISD) on participant networks outside their firewalls to collect data relating to Internet traffic
- Analyze voluntarily shared data against a catalogue of threats, tactics, and known actors
- Identify and share appropriate steps that industry may take to mitigate any identified threats
- Provide opportunity for additional resources and support from DOE CESER
Contact
- E-ISAC at crisp@eisac.com
- CESER at ceser.infoshare@hq.doe.gov
Related
- Office of Cybersecurity, Energy Security, and Emergency Response#Cybersecurity Risk Information Sharing Program
- Pacific Northwest National Laboratory
External links
- Cyber Situational Awareness - Pacific Northwest National Laboratory
- https://www.utilitydive.com/news/nerc-expands-it-focused-cybersecurity-program-as-hackers-actively-target-gr/591425/
- https://www.nerc.com/news/Headlines%20DL/CRISP%2030NOV20.pdf
References
|
|
If this page has been recently modified, it may not reflect the most recent changes. Please purge this page to view the most recent changes. |
