Regulatory Compliance - Rokster

Regulatory Compliance Services


NERC CIP and O&P Compliance

Rokster provides NERC CIP and O&P consulting services by utilizing industry-leading professionals. Our NERC CIP and O&P consultants have years of experience within ICS/OT environments, some of whom were former regional auditors with extensive credentials and audit knowledge to provide industry best-in-class services.

NERC CIP and O&P Program Development

Our Subject Matter Experts will work with support personnel to develop processes suited for even the most stringent compliance demands. Rokster will also assess areas of the organization’s program where deficiencies reside and provide remediation services to ensure that compliance is sustainable. Rokster SMEs will build a resource plan to identify where time and energy should be focused to maintain a strong compliance program.

NERC CIP and O&P Gap Analysis

Our Gap Assessments identify potential problem areas in your compliance program, allowing you to find gaps and avoid potential areas of non-compliance. Our Gap Assessments are scalable, allowing for the review of single or multiple requirement areas and evaluation of internal controls. Rokster provides expert mitigation recommendations that help foster strong compliance program performance.

NERC CIP and O&P Policy Review and Development

Rokster SMEs leverage years of experience within the NERC CIP and cybersecurity industries to review your organization’s current policies, offer evidence-based observations, and recommend actions to close any gaps within your policies and procedures and make them audit-ready. Rokster SMEs can also develop policies and procedures through interviews with your organization’s SMEs to document practices that are already in place but undocumented.

NERC CIP and O&P Audit Preparation

Audits are intimidating, yet a necessary measure of success for a compliance program. Preparing for an audit can place a heavy burden on support staff. Rokster can alleviate that burden by preparing your RSAWs, validating evidence, and educating your Subject Matter Experts for a positive audit outcome. Rokster SMEs will also train your organization’s SMEs on best practices for interviews.

NERC CIP and O&P Mock Audit

Rokster Mock Audit services can prepare you for a real audit with a regional entity by simulating the stress of an actual audit to gauge your company’s preparedness. Mock audits are an important tool for audit preparation and give valuable experience for regulatory compliance and Subject Matter Expert staff.

NERC CIP-002-5.1 BES System Categorization

Has your organization had trouble categorizing your BES Systems? Rokster can perform an onsite or virtual NERC CIP-002-5.1 BES System Categorization workshop presented by former CIP-002-5.1 regional auditors. This will allow your organization’s SMEs to learn how to properly categorize your BES Cyber Systems and be highly confident entering an audit of your CIP-002 categorization posture.

Physical Security Assessments

Security assessments of your organization’s facilities are critical to evaluate existing physical security programs and safeguard your people and assets. Rokster Subject Matter Experts have years of experience in ICS/OT environments and expertise in the latest technologies to implement solutions and access controls without impacting production. Rokster SMEs are experienced in both NERC CIP-006 and NERC CIP-014.

NERC CIP Supply Chain Risk Management

Effective Oct. 1, 2020, NERC CIP-013 addresses Supply Chain Risk Management. The purpose of this requirement is to mitigate cybersecurity risks and potential threats to the reliable operation of the Bulk Electric System (BES) through the implementation of security controls for supply chain risk management of BES Cyber Systems. Rokster Cybersecurity services can assess your CIP-013 program, identify areas of concern, and provide recommendations to build and sustain a robust Supply Chain Risk Management Program.

NERC CIP Vulnerability Assessment

Rokster can provide your annual CIP-010 R3 Cyber Vulnerability Assessments (CVA). Thanks to our extensive industry experience within ICS/OT networks, our Subject Matter Experts can perform both paper and active vulnerability assessments without impact to your production environment. Our CVA offerings are scalable to meet minimum CVA requirements or provide a deeper dive into your Industrial Control Systems (ICS). Rokster will provide mitigation plans to meet both regulatory compliance needs and industry best practices for ICS environments.

NERC CIP and O&P Staff Augmentation

Does your organization need NERC CIP and O&P Subject Matter Expertise on a short- to mid-range basis? Rokster can augment your organization’s compliance staff for large projects, audit preparation, or organizational turnover to ensure all your NERC CIP compliance needs are met for the duration of your organization’s resource strain.

NERC CIP-008 Incident Response

Incident Response is a critical area of concern for the electrical industry. Rokster offers a full suite of incident response services, including review of your incident response policies and procedures, incident response testing and scenario development, and red team/blue team and purple team incident response exercises.

NERC CIP-009 Disaster Recovery

How prepared is your organization for a disaster recovery scenario? Rokster SMEs can help review your policies and procedures, test your disaster recovery plans and viability, and help your organization plan for business continuity given a disaster recovery event.

NERC CIP Automation

With ever-increasing regulatory oversight and burden, Regional Entities are pushing organizations to automate wherever possible. Automation reduces workforce burden and eliminates much of the human error associated with compliance burnout. The following are just some of the areas in which Rokster can provide automation services to help your organization reduce human error and workforce loads.

  • Automation of Manual Process Workflows for all Regulatory Compliance Related Tasks
  • CIP-003
  • CIP-004
  • CIP-005 and CIP-007 Evidence Collection for CIP-010 R1.4 & R1.5.1 Change Management
  • CIP-009
  • CIP-010

TSA Pipeline Security Guidelines

Pipeline Cyber Asset Classification

Does your organization need assistance performing a TSA Pipeline Criticality Assessment? Rokster will help your organization determine if your pipelines are considered critical and apply baseline or enhanced security measures dependent on the outcome.

Corporate Security Plan

Is your organization having trouble getting your compliance program off the ground? Rokster will work with your internal stakeholders to create a comprehensive corporate security plan that not only meets your organization’s compliance needs but also lays the foundation for an effective cybersecurity program.

Physical Security

Physical security of our clients’ assets and personnel is of the utmost importance to Rokster. Rokster leverages former physical security auditors from NERC regions to review your physical security program and measures. Our SMEs will work with your organization to identify gaps and create a plan of action with milestones to ensure that your people and assets remain safe.

II.B.2.a. Multi-Factor Authentication

Rokster SMEs will design, implement, and test your remote access environment for non-service accounts accessing Information and Operational Technology systems in a manner compliant with the most current version of NIST Special Publication 800-63B, Digital Identity Guidelines: Authentication and Lifecycle Management, for the use of multi-factor cryptographic device authenticators.

II.B.2.b. Network Segmentation

II.B.2.b. requires network segmentation (physical and logical zones) sufficient to ensure the Operational Technology system can operate at the necessary capacity even if the Information Technology system is compromised. Rokster SMEs will identify and document IT and OT interdependencies. Our experts have years of experience designing and implementing DMZs and least-privilege Access Control Lists, along with state-of-the-art monitoring capabilities, to ensure your network security.

II.B.2.c. Logging, Alerting, and Retention

Logging within your environment is required to comply with II.B.2.c. Rokster will design and implement your environment to meet log retention, configuration, and alerting requirements, and align your SIEM with a relevant threat model built using MITRE’s Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) for ICS.

II.B.2.d. & II.B.2.e Traffic Filtering and Monitoring

II.B.2.d. & II.B.2.e require Pipeline Operators to monitor email, websites, endpoints, and communications for malicious software and communications. They also require these organizations to create access control lists that block communication with known malicious external sites and restrict communication between their OT and IT environments to what is required for operation. Rokster SMEs have decades of experience performing these tasks and will help your organization become compliant.

II.B.2.f Domain Name System Capabilities

II.B.2.f requires Pipeline Operators to employ DNS capabilities to source Domain Name System queries, maintain legitimate user lists, investigate the reputation of domains, and analyze risk to the organization. Rokster will work with your organization to develop policies and procedures and employ technologies consistent with this compliance standard.

II.B.2.g Patch Mitigation and Vulnerability Management

At the core of every solid cybersecurity program is a comprehensive Patch Mitigation and Vulnerability Management program. Rokster SMEs have successfully developed and deployed the policies, procedures, and processes behind Patch Mitigation and Vulnerability Management programs at utilities, using feedback loops that discover vulnerabilities, document them through the change management process, mitigate them through patching, and confirm mitigation after patching.

II.B.2.h, II.B.2.i, II.B.2.j Cyber Security Controls, Access Control, and Privileged Rights Access

In today’s regulatory compliance environment, organizations face difficulties in understanding the ever-evolving regulatory landscape. It is important for organizations not only to remain compliant but also to reduce operational risk. Rokster can help your organization deploy cyber security controls that will not only make your systems compliant but also secure your infrastructure by aligning your compliance and security objectives.

II.C.1. & II.C.2.e. Incident Response & Testing

Incident response planning provides specific directions for specific attack scenarios, avoiding further damage, reducing recovery time, and mitigating cybersecurity risk. A good Incident Response Plan identifies the roles and responsibilities of stakeholders and sets out the communication actions to be taken throughout execution of the plan. Periodic testing of the Incident Response Plan allows organizations to gauge its efficacy and document lessons learned to improve the plan.

II.D.1. Third-party evaluation of the Owner/Operator’s Operational Technology Design and Architecture

Rokster SMEs hold cybersecurity accreditations and certificates consistent with the expertise needed to review your organization’s architecture and controls and to offer observations and recommendations that close any existing gaps in compliance and in your organization’s cybersecurity posture.

Focused on protecting and advancing business via intelligent technology. How can we help you surpass your business goals?

Copyright © 2021 Rokster. All rights reserved.