NIST SP 1800-23 Energy Sector Asset Management: For Electric Utilities, Oil & Gas Industry
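Hello, this is Mitsuhiko Maruyama.
NIST has published an asset management guide for the electric utility and oil and gas industries. It explains the steps for identifying and managing OT assets and for detecting the cybersecurity risks associated with them...
In terms of content, it is divided into three parts: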
- NIST SP 1800-23A: Executive Summary
- NIST SP 1800-23B: Approach, Architecture, and Security Characteristics – what we built and why
- NIST SP 1800-23C: How-To Guides – instructions for building the example solution
・2020.05.20 SP 1800-23 Energy Sector Asset Management: For Electric Utilities, Oil & Gas Industry
・[PDF]
・Supplemental Material:
Web version (other)
Project Homepage (other)
・Document History:
2019.09.23: SP 1800-23 (Draft)
2020.05.20: SP 1800-23 (Final)
- 1 Summary
- 2 How to Use This Guide
- 3 Approach
- 4 Architecture
- 5 Functional Test Plan
- 6 Security Characteristic Analysis
  - 6.1 Assumptions and Limitations
  - 6.2 Analysis of the Reference Design’s Support for Cybersecurity Framework Subcategories
    - 6.2.1 ID.AM-1: Physical Devices and Systems Within the Organization Are Inventoried
    - 6.2.2 ID.RA-2: Threat and Vulnerability Information Is Received from Information-Sharing Forums and Sources
    - 6.2.3 PR.DS-2: Data in Transit Is Protected
    - 6.2.4 PR.MA-1: Maintenance and Repair of Organizational Assets Are Performed and Logged in a Timely Manner with Approved and Controlled Tools
    - 6.2.5 PR.MA-2: Remote Maintenance of Organizational Assets Is Approved, Logged, and Performed in a Manner that Prevents Unauthorized Access
    - 6.2.6 PR.PT-4: Communications and Control Networks Are Protected
    - 6.2.7 DE.AE-1: A Baseline of Network Operations and Expected Data Flows for Users and Systems Is Established and Managed
    - 6.2.8 DE.AE-2: Detected Events Are Analyzed to Understand Attack Targets and Methods
  - 6.3 Lessons Learned
- 7 Future Build Considerations
- Appendix A List of Acronyms
- Appendix B References
- 1 Introduction
- 2 Product Installation Guides
  - 2.1 ConsoleWorks
  - 2.2 Forescout CounterACT
  - 2.3 Dragos Platform
  - 2.4 FoxGuard Patch and Update Management Program
  - 2.5 Kore Wireless
  - 2.6 pfSense VPN
  - 2.7 Splunk
  - 2.8 Tripwire Industrial Visibility
- Appendix A List of Acronyms