Tripwire Announces Comprehensive Solution to Automate and Streamline NERC CIP Version 5 Compliance

Tripwire IP360 Now Integrated Into North American Electric Reliability Corporation (NERC) Solution Suite

  • Share on TwitterShare on FacebookShare on Google+Share on LinkedInEmail a friend
Our extensive NERC-specific reports and dashboards in combination with our deep domain expertise help us deliver customized solutions for clients working toward CIP versions three and five compliance as well as stronger cybersecurity

Portland, Oregon (PRWEB) March 13, 2014

Tripwire, Inc., a global provider of risk-based security and compliance management solutions, today announced the integration of Tripwire® IP360 TM into their NERC Solution Suite version 2.0, a powerful combination of customized tools and services designed to help utilities automate, achieve and maintain compliance with all approved versions of North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP).

The NERC CIP is a set of requirements designed to secure the assets required for operating North America's bulk electrical system (BES). The recently updated plan consists of ten standards and 32 requirements that cover the security of electronic perimeters, the protection of critical cyber assets, security management, personnel training and disaster recovery planning. Organizations with NERC CIP compliance violations can be fined up to $1 million per day, and over the past four years, NERC CIP fines have totaled more than $150 million.

Achieving and maintaining compliance with new versions of NERC CIP requires continuous monitoring of critical assets as well as periodic collection of detailed audit evidence. The steps necessary to pass NERC CIP audits can be extremely time consuming, are often done manually and can be error-prone. New requirements in NERC CIP version 5 include security configuration change management, vulnerability management for BES Cyber Assets, and information protection, making the compliance process for BES organizations even more complex.

The NERC Solution Suite combines Tripwire Enterprise, Tripwire IP360 and Tripwire Log Center®, award-winning security configuration management, vulnerability management and incident detection solutions. The solution also includes specialized intelligence including policy rules, correlation rules, tools, templates, customized reports and dashboards derived through work with over 100 NERC Registered Entities and the NERC Regional Auditor community. Together with customized services from NERC-experienced consultants, the NERC Solution Suite dramatically reduces the time and resources required to pass NERC CIP audits and minimize audit findings.

Key features include:

  •     Auto-discovery of all BES Cyber Assets, including hardware and software to ensure all critical assets are protected.
  •     Continuous monitoring that rapidly detects detailed status information across a wide range of critical cyber assets, from computer systems and network devices to SCADA and other industrial control systems to identify early indications of breach activity.
  •     Whitelisting capability for monitoring ports, services, software versions, and local user credentials.
  •     Audit-ready reports and dashboards that deliver evidence of compliance conveniently grouped by CIP requirement.

“The expanded coverage of all approved CIP requirements in the new version of the Tripwire NERC Solution Suite enhances our customers’ ability to improve power generation and transmission reliability by automating the audit process,” said Jeff Simon, director of service solutions at Tripwire. “Our extensive NERC-specific reports and dashboards in combination with our deep domain expertise help us deliver customized solutions for clients working toward CIP versions three and five compliance as well as stronger cybersecurity.”

For more information, please visit: http://www.tripwire.com/regulatory-compliance/nerc-cip-compliance/.

About Tripwire, Inc.
Tripwire is a leading global provider of risk-based security and compliance management solutions, enabling enterprises, government agencies and service providers to effectively connect security to their business. Tripwire provides the broadest set of foundational security controls including security configuration management, vulnerability management, file integrity monitoring, log and event management. Tripwire solutions deliver unprecedented visibility, business context and security business intelligence allowing extended enterprises to protect sensitive data from breaches, vulnerabilities, and threats.


Contact