Agenda Critical Infrastructure Protection Committee
March 8, 2016 | 1:00 - 5:00 p.m. (EST) March 9, 2016 | 8:00 a.m. - Noon (EST) Hyatt Regency Louisville 311 S 4th Street Louisville, KY 40202 (502) 581-1234
CIPC Workshop (Physical Security): Physical Security Programs
Room: Conference Theater (2nd Floor) March 7, 2016 | 1:00 - 5:00 p.m. (EST)
CIPC Workshop (Cybersecurity): Malware Primer and E-ISAC Portal Training
Room: Conference Theater (2nd Floor) March 8, 2016 | 8:00 a.m. - Noon (EST) CIPC Meeting
CIPC Working Lunch | March 8, 2016 | Noon - 1:00 p.m. (EST) Room: The Spire (19th Floor) March 8, 2016 | 1:00 - 5:00 p.m. (EST) March 9, 2016 | 8:00 a.m. - Noon (EST) Room: Regency South (2nd Floor) Introductions and Welcome – Mr. Marc Child, CIPC Chair, Great River Energy NERC Antitrust Compliance Guidelines and Public Announcement – Mr. Sam Chanoski, CIPC
Secretary, NERC Reliability Risk Management Agenda Items
1. Opening Remarks – Mr. Paul Thompson, Chief Operating Officer, Louisville Gas and Electric/Kentucky Utilities 2. Administrative – Mr. Sam Chanoski, CIPC Secretary, NERC Reliability Risk Management a. Safety Briefing and Emergency Precautions, Hyatt Regency Staff b. Declaration of CIPC Quorum c. CIPC Roster
d. Parliamentary Procedures – In the absence of specific provisions in the CIPC Charter, the committee shall conduct its meetings guided by the most recent edition of Robert’s Rules of Order, Newly Revised. 3. Consent Agenda – Mr. Marc Child, CIPC Chair, Great River Energy a. Draft December CIPC Minutes b. Committee Membership Appointments and Changes: TRE David Grubbs City of Garland TRE Vacant TRE Darrell Klimitcheck STEC FRCC Paul McClay TECO FRCC Carter Manucy FMPA FRCC Joe Garmon Seminole MRO Marc Child Great River MRO Paul Crist LES MRO Vacant NPCC John Galloway ISO-NE NPCC Greg Goodrich NYISO NPCC David Cadregari Iberdrola USA RFC Larry Bugh RFirst RFC Vacant RFC Jeff Fuller DPL SERC Chuck Abell Ameren SERC Cynthia Hill-Watson TVA SERC Bruce Martin Duke Energy SPP John Breckenridge KCPL SPP Allen Klassen Westar SPP Eric Ervin Westar WECC Allan Wick Tri-State WECC Mike Mertz PNM WECC Lisa Carrington APS APPA Scott Smith Bryan TX Utilities APPA Nathan Mitchell APPA CEA Francis Bradley CEA CEA Ross Johnson Capital Power CEA David Dunn IESO NRECA Robert Richhart Hoosier NRECA David Revill Georgia Trans
Operations Cyber Physical Cyber Physical Operations Cyber Physical Operations Operations Cyber Physical Cyber Operations Physical Operations Cyber Physical Physical Operations Cyber Physical Cyber Operations Physical Policy Physical Physical Policy Policy Policy
4. Chair’s Remarks – Mr. Marc Child, CIPC Chair, Great River Energy 5. CIPC Charter Update and Approval – Mr. Marc Child, CIPC Chair, Great River Energy 6. E-ISAC Update – Mr. Marc Sachs, Senior Vice President and Chief Security Officer, NERC E-ISAC
Agenda – Critical Infrastructure Protection Committee – March 8-9, 2016
2
7. Physical Security Advisory Group Update – Mr. Bob Canada, NERC E-ISAC 8. Enhanced Background Screening – Mr. Travis Moran, NERC E-ISAC 9. CIP Compliance Update – Tobias Whitney, NERC Reliability Assurance 10. EPRI Metrics and Compliance Projects – Mr. Jason Christopher, EPRI 11. Reliability Issues Steering Committee (RISC) Update – Mr. Nathan Mitchell, CIPC Vice Chair and representative to RISC, American Public Power Association (APPA) 12. Legislative Update – Mr. Nathan Mitchell, CIPC Vice Chair, APPA 13. Electricity Subsector Coordinating Council Update – Mr. Scott Aaronson, Edison Electric Institute 14. Operating Security Subcommittee – Mr. Joe Garmon, Subcommittee Chair, Seminole Electric Cooperative a. Grid Exercise Working Group (GEWG) – Mr. Tim Conway, GEWG Chair, SANS Institute GEWG Charter b. Business Continuity Guideline Task Force (BCGTF) – Mr. Darren Myers, BCGTF Chair, Duke Energy BCGTF Charter 15. Cybersecurity Subcommittee – Mr. David Revill, CIPC Vice Chair and Subcommittee Chair, Georgia Transmission Corporation a. Control Systems Security Working Group (CSSWG) – Mr. Mikhail Falkovich, CSSWG Chair, Public Service Enterprise Group CSSWG Charter b. Security Training Working Group (STWG) – Mr. William Whitney III, STWG Chair, City of Garland Power and Light STWG Charter 16. Physical Security Subcommittee – Mr. David Grubbs, Subcommittee Chair, City of Garland Power and Light a. Physical Security Working Group (PSWG) – Mr. Ross Johnson, PSWG Chair, Capital Power PSWG Charter b. Physical Security Guidelines Task Force (PSGTF) – Mr. John Breckenridge, PSGTF Chair, Kansas City Power and Light PSGTF Charter 17. Policy Subcommittee – Mr. John Galloway, Subcommittee Chair, ISO New England a. Bulk Electric System Security Metrics Working Group (BESSMWG) – TBD will report on behalf of the BESSMWG
Agenda – Critical Infrastructure Protection Committee – March 8-9, 2016
3
BESSMWG Charter b. Physical Security Standard Working Group (PSSWG) – Mr. Allan Wick, PSSWG Chair, Tri-State G&T PSSWG Charter c. Compliance Enforcement and Input Working Group (CEIWG) – Mr. Paul Crist, CEIWG Chair, Lincoln Electric System CEIWG Charter 18. Agency Updates a. Federal Energy Regulatory Commission b. Department of Energy c. Department of Homeland Security 19. Schedule of Important Dates: Dates
Time
March 7, 2016
1:00 - 5:00 p.m.
March 8, 2016
8:00 a.m. - Noon
March 8, 2016
Noon - 5:00 p.m.
March 9, 2016
8:00 a.m. - Noon
June 6, 2016
1:00 - 5:00 p.m.
June 7, 2016 June 7, 2016
8:00 a.m. - Noon Noon - 5:00 p.m.
June 8, 2016
8:00 a.m. - Noon 1:00 - 5:00 p.m.
September 2016* September, 2016* October 17-21, 2016 December 13, 2016
Type
Location
Hotel Hyatt Regency Louisville 311 S 4th Street Louisville, KY 40202 (502) 581-1234 Hyatt Regency Louisville 311 S 4th Street Louisville, KY 40202 (502) 581-1234
CIPC Workshops
Louisville, KY
CIPC Meeting
Louisville, KY
CIPC Workshops
TBD
TBD
CIPC Meeting
TBD
TBD
CIPC Workshops
TBD
TBD
CIPC Meeting
TBD
TBD
8:00 a.m. - 5:00 p.m.
GridSecCon 2016
Quebec City, QC
TBD
8:00 a.m. - Noon
Energy Sector Classified Briefing (No CIPC Workshop)
Atlanta, GA
TBD
8:00 a.m. - Noon Noon - 5:00 p.m. 8:00 a.m. - Noon
Agenda – Critical Infrastructure Protection Committee – March 8-9, 2016
4
Dates
Time
December 13, 2016
Noon - 5:00 p.m.
December 14, 2016
8:00a.m. - Noon
Type CIPC Meeting
Location Atlanta, GA
Hotel Ritz Carlton Buckhead 3434 Peachtree Rd N.E. Atlanta, GA 30326
* September CIPC meetings and workshops are being rescheduled due to conflict with ASIS International Conference
20. Closing Remarks and Action Items 21. Adjournment
Agenda – Critical Infrastructure Protection Committee – March 8-9, 2016
5
NERC Antitrust Compliance Guidelines I. General
It is NERC’s policy and practice to obey the antitrust laws and to avoid all conduct that unreasonably restrains competition. This policy requires the avoidance of any conduct that violates, or that might appear to violate, the antitrust laws. Among other things, the antitrust laws forbid any agreement between or among competitors regarding prices, availability of service, product design, terms of sale, division of markets, allocation of customers or any other activity that unreasonably restrains competition. It is the responsibility of every NERC participant and employee who may in any way affect NERC’s compliance with the antitrust laws to carry out this commitment. Antitrust laws are complex and subject to court interpretation that can vary over time and from one court to another. The purpose of these guidelines is to alert NERC participants and employees to potential antitrust problems and to set forth policies to be followed with respect to activities that may involve antitrust considerations. In some instances, the NERC policy contained in these guidelines is stricter than the applicable antitrust laws. Any NERC participant or employee who is uncertain about the legal ramifications of a particular course of conduct or who has doubts or concerns about whether NERC’s antitrust compliance policy is implicated in any situation should consult NERC’s General Counsel immediately. II. Prohibited Activities
Participants in NERC activities (including those of its committees and subgroups) should refrain from the following when acting in their capacity as participants in NERC activities (e.g., at NERC meetings, conference calls and in informal discussions):
Discussions involving pricing information, especially margin (profit) and internal cost information and participants’ expectations as to their future prices or internal costs.
Discussions of a participant’s marketing strategies.
Discussions regarding how customers and geographical areas are to be divided among competitors.
Discussions concerning the exclusion of competitors from markets.
Discussions concerning boycotting or group refusals to deal with competitors, vendors or suppliers.
Any other matters that do not clearly fall within these guidelines should be reviewed with NERC’s General Counsel before being discussed.
III.
Activities That Are Permitted
From time to time decisions or actions of NERC (including those of its committees and subgroups) may have a negative impact on particular entities and thus in that sense adversely impact competition.
Decisions and actions by NERC (including its committees and subgroups) should only be undertaken for the purpose of promoting and maintaining the reliability and adequacy of the bulk power system. If you do not have a legitimate purpose consistent with this objective for discussing a matter, please refrain from discussing the matter during NERC meetings and in other NERC-related communications. You should also ensure that NERC procedures, including those set forth in NERC’s Certificate of Incorporation, Bylaws, and Rules of Procedure are followed in conducting NERC business. In addition, all discussions in NERC meetings and other NERC-related communications should be within the scope of the mandate for or assignment to the particular NERC committee or subgroup, as well as within the scope of the published agenda for the meeting. No decisions should be made nor any actions taken in NERC activities for the purpose of giving an industry participant or group of participants a competitive advantage over other participants. In particular, decisions with respect to setting, revising, or assessing compliance with NERC reliability standards should not be influenced by anti-competitive motivations. Subject to the foregoing restrictions, participants in NERC activities may discuss:
Reliability matters relating to the bulk power system, including operation and planning matters such as establishing or revising reliability standards, special operating procedures, operating transfer capabilities, and plans for new facilities.
Matters relating to the impact of reliability standards for the bulk power system on electricity markets, and the impact of electricity market operations on the reliability of the bulk power system.
Proposed filings or other communications with state or federal regulatory authorities or other governmental entities.
Matters relating to the internal governance, management and operation of NERC, such as nominations for vacant committee positions, budgeting and assessments, and employment matters; and procedural matters such as planning and scheduling meetings.
NERC Antitrust Compliance Guidelines
2