Cybersecurity at PJM Jonathon Monken Senior Director System
Cybersecurity at PJM Jonathon Monken Senior Director, System Resilience and Strategic Coordination www. pjm. com PJM© 2017
Threat Environment Nation state threats Un-attributable threat actors Insider threats Additional man-made or natural events www. pjm. com 2 PJM© 2017
PJM’s Five Strategic Objectives to Manage Threats Risk Management Defense Response Education Partnership www. pjm. com 3 PJM© 2017
Defense Information Sharing Vulnerability Management Data Management Defense Impact Analysis Predictive Analytics Technology Lifecycle www. pjm. com 4 PJM© 2017
The delivery of a weaponized package. This may be via a phishing email, a compromised website (watering hole attack), or a USB stick. Phases of the Cyber Kill Chain® Installing an attack toolkit on the exploited system in order to gain persistent access to the system. Reconnaissance Running the activity weaponized to discover package to take characteristics temporary control of of PJM systems and a computer system personnel with a goal by taking advantage of weaponizing of a vulnerability. Cyber Kill Chain is a registeredor trademark malware a of Lockheed-Martin (Weaponization phase excluded). customized www. pjm. com 5 cyberattack. Completing the original mission of the attack. Includes data exfiltration, denial of service and sabotage. Connecting to a command control server to pick up instructions or additional attack tools. PJM© 2017
Response Situational Awareness Government Sources Response Coordination Commercial Sources Industry Sources 6 PJM© 2017
Education Training and Exercise Activities Corporate-wide Training Comprehensive Exercises • Grid. Ex and Earth. Ex NERC CIP Training and Assessment Cybersecurity Education • Professional Certifications • Certificate Programs • Advanced Degrees Proposed PJM Security and Resilience Committee www. pjm. com 7 PJM© 2017
Cybersecurity Partnerships www. pjm. com 8 PJM© 2017
Where is this road taking us? • Machine-speed information sharing • Larger attacks surface area – Io. T Devices – Distributed Energy Resources • Evolving threat actors www. pjm. com 9 PJM© 2017
- Slides: 9