Created on: 5/30/2017 TLP_WHITE_E-ISAC_Portal Access_Control.pdf This document outlines the E-ISAC's current portal access control process.
Created on: 5/12/2017 TLP_WHITE_E-ISAC Long-term Strategic Plan 4-24-2017.pdf The North American Electric Reliability Corporation had its quarterly Board of Trustees meeting on May 11. One issue the meeting focused on was NERC's long-term strategic efforts with the Electricity Information Sharing and Analysis Center...

The North American Electric Reliability Corporation had its quarterly Board of Trustees meeting on May 11. One issue the meeting focused on was NERC's long-term strategic efforts with the Electricity Information Sharing and Analysis Center (E-ISAC). John McAvoy, chair of the Electricity Subsector Coordinating Council's Member Executive Committee, addressed the Board in support of the E-ISAC Long-Term Strategic Plan, saying security is an integral part of industry operations and we live in a dynamic threat environment. In order to continue evolving, we must improve cross-sector collaboration and information sharing. The long-term plan will help the E-ISAC reach its goals, he added. Some of the plan's action items include:

  • Replacing the current web portal with a new “platform” that will enable automatic information sharing, the creation of private discussion groups, data visualization, among other features;
  • Increasing the E-ISAC's capability to collect security intelligence;
  • Hiring specialized analysts;
  • Acquiring additional data storage, management, and sharing technologies; and
  • Increasing the E-ISAC's access to classified networks and facilities.

The plan, which was developed working closely with NERC leadership and the Member Executive Committee, builds on the ESCC's 2015 recommendations and discusses improvements needed in 2017 to address current threats, a look at the mid-term range of 2018-2022 to address emerging threats, and what the E-ISAC might look like beyond 2023 if the forecasted issues continue to develop. The NERC Board of Trustees accepted the plan at the May 11 quarterly meeting.

Created on: 4/7/2017 TLP_WHITE_E_ISAC_Guidance_4_2017.pdf The E-ISAC employs the Traffic Light Protocol (TLP) developed by DHS US-CERT for designating the information/documents posted to the E-ISAC Portal, and as a way to instruct entities as to whether and with whom they may share such...
The E-ISAC employs the Traffic Light Protocol (TLP) developed by DHS US-CERT for designating the information/documents posted to the E-ISAC Portal, and as a way to instruct entities as to whether and with whom they may share such information/documents. The TLP definitions were updated in September 2016.  
Created on: 2/13/2017 E-ISAC 2016 End of Year Report.pdf Throughout 2016, the E-ISAC collected, analyzed, and shared information on physical and cyber security issues, and this report is a review of the main issues covered over the year. The information came from open source reporting, electricity...

Throughout 2016, the E-ISAC collected, analyzed, and shared information on physical and cyber security issues, and this report is a review of the main issues covered over the year. The information came from open source reporting, electricity members, and federal partners and includes the E-ISAC's analytical summary of those collective reports. This report looks at how the E-ISAC may further identify trends and patterns benefitting members.