Energy and Utilities
Energy & Utility NERC CIP Compliance Incident Reporting
D3 is a flexible records management system that consolidates management of physical infrastructure, diversified workplaces and critical cyber environments. Offering streamlined reporting solutions, including for copper theft, workplace violence and theft of power, D3 can capture events and manage the response—allowing utilities to safely and consistently produce, distribute and deliver their products withing the NERC Compliance framework.
How You Benefit From Our Software
Full spectrum of situational awareness
The energy sector’s utilities and regulators rely on D3 because it is a single incident management solution that enables situational awareness across the full spectrum of cyber threats, physical threats, risk assessments, and the status of compliance with standards such as NERC CIP.
Implement the NIST Incident Handling Guide
D3 helps utility organizations adopt the NIST Cybersecurity Framework and NIST 800-61 Incident Handling Guide by building processes into the software and guiding its usage through playbooks. Over time, users clone and enhance workflows with custom procedures, such as threat intelligence enrichment and increased collaboration.
Enable flow of actionable intelligence
Making it easy to share actionable intelligence and relevant information across a utility—whether through task collaboration, data correlation or user search—eases risk-informed decision making. In addition, D3 is used to share reports with information centers and the regional reliability councils of NERC.
Create playbooks, risk assessments & metrics
D3’s extensive platform provides utilities with a library of NIST-based playbooks and the ability to create custom playbooks based on other methodologies like those provided by COBIT or ISO. As well, D3 supports various risk assessment formats including those needed by NERC or CFATS reporting, and incident metrics that standardize threat tracking across multiple locations, such as a utility’s many substations.
“Cyber risks are a rising intangible peril that threatens assets and revenues and creates rising liabilities for energy companies. In a period of unprecedented change and transition, along with significant needs for investment, the sector must look to better manage and finance cyber risks.”
Chairman of the Energy & Power Practice for Marsh