ArcSight Releases Protection Suite for NERC CIP Compliance

ArcSight, Inc., a provider of compliance and security management solutions that protect enterprises and government agencies, announced the release of the ArcSight Protection Suite for NERC CIP Compliance.

The suite builds on ArcSight security solutions that safeguard electric utilities from malicious intrusion, insider threats and non-compliance risks across the breadth of NERC Compliance Infrastructure Protection (CIP) standards 002-009.

"Monitoring critical cyber assets is essential to maintaining the security and reliability of the electrical grid," said Reed Henry, Senior VP of Marketing, ArcSight. "The NERC CIP standards are a good start, but a good start doesn't necessarily equate to being secure. Our customers are proactively protecting their systems by establishing baselines of what's normal, and then implementing continuous monitoring oversight to quickly identify systems that have been compromised. In these times when cyber spies clearly are targeting our utilities, world-class event monitoring and correlation is a necessary requirement to stop these threats and protect our critical infrastructure."

The ArcSight Protection Suite for NERC CIP Compliance is a solution for reducing risk and protecting critical utility operations, assets and for automated monitoring of ongoing compliance with NERC CIP standards. It protects the electric grid by monitoring all critical systems for threats, correlating event data and automating compliance reporting for the NERC standards. Many leading utilities are using ArcSight products to secure their power generation and transmission infrastructure against growing global cyber threats, the company noted.

The ArcSight Protection Suite for NERC CIP Compliance provides a central point for analysis of daily business operations by collecting data, via hundreds of different types of device and application connectors for interconnected and diverse dynamic systems. The solution delivers a detailed set of rules, dashboards, data monitors and reports that help meet the NERC CIP standards. The solution is modular and can be deployed collectively or in phases.

Components of the offering include:

- ArcSight ESM: Delivers continuous breach detection monitoring and compliance assessment through centralized event analysis via a cross-device correlation engine and sophisticated analysis tools that use rules, dashboards and reports.

- ArcSight Logger: Delivers log collection, aggregation and analysis via capture and archival of all log data and reporting for visibility into events, including events related to compliance with NERC CIP standards.

- ArcSight Threat Response Manager (TRM): Delivers threat remediation workflow for threat isolation, impact analysis, notification and quarantining options.

- ArcSight IdentityView: Monitors accounts with access beyond access control and role management to build a profile of what users are doing both on the network and off.

- ArcSight Compliance Insight Package for NERC: Delivers prepackaged rules, dashboards and reports that address NERC CIP compliance reporting and auditing requirements.

The ArcSight Protection Suite for NERC CIP Compliance is currently available.

((Comments on this story may be sent to newsdesk@closeupmedia.com))

Related terms: business, electric utility, government, marketing, products, security, standards, utilities, workflow