Leveraging the SEL Ecosystem for NERC CIP-015 Compliance

NERC CIP-015 requires entities supporting the bulk electric system to implement internal network security monitoring (INSM), the practice of continually watching for evidence of threats inside the electronic security perimeter. Fortunately, this standard provides a great deal of flexibility for organizations to create an INSM system that best protects their assets.

While many organizations view an externally facing intrusion detection system (IDS) as a universal solution to achieve security, it’s just as important to include an internally facing monitoring solution tailored to your own unique network. Many SEL solutions include native capabilities that support a tailored INSM approach, such as the Real-Time Automation Controller (RTAC), OT software-defined networking (SDN), and the SEL Blueframe® Data Management and Automation (DMA) application suite.

In this white paper, OT cybersecurity expert Will Edwards explores strategies for building a robust INSM system to complement an externally focused IDS and comply with the incoming NERC CIP-015 regulations, while outlining the SEL devices that natively satisfy these requirements.