NERC CIP Version 5: Compliance Support with Microsoft

I remember back in the late days of Y2K preparation when the U.S. Department of Energy approached us about ramping up a cybersecurity program for the Utility industry. It was then that I realized the magnitude of the situation. While Y2K was a short term event, cybersecurity was a 100 year+ event and the effort to manage the problem would dwarf our Y2K efforts.  Fast forward and every Utility in the world has cybersecurity as a top priority and it’s no surprise that Utilities are a top target for cyber-terrorism.

With this as a backdrop, I strongly encourage you to sign-up for the Webinar with the Oxford Computer Group (OCG), Microsoft’s Larry Cochrane, EnergySec and other utility security experts in a panel discussion exploring how Microsoft can strengthen your internal compliance and identity systems. While the focus is North America where the North American Electric Reliability Corporation (NERC) has jurisdiction, what NERC does has global ramifications and is watched closely by Utilities, regulators and governments worldwide.

We look forward to seeing you on the Webinar! – Jon C. Arnold



Join Oxford Computer Group (OCG), Microsoft, EnergySec and other utility security experts in a panel discussion exploring how Microsoft can strengthen your internal compliance and identity systems. Access control and data protection in relation to identities using Bulk Electric System (BES) cyber systems that must be protected represent a major component of NERC CIP V5 requirements. Identity and Access Management as built by Microsoft and partners can provide the essential technical controls that can help utilities meet regulatory compliance.

OCG NA President Marvin Tansley, Microsoft World Wide Power & Utilities Industry Architect Larry Cochrane, EnergySec’s President Steve Parker and cybersecurity entrepreneur and IT security futurist Neil Rerup will discuss the important role Microsoft’s partner product ecosystem plays in achieving access control compliance in today’s modern control environments and how it can support control mapping to other relevant security frameworks such as ISO 27001, COSO and NIST.   
Moderated by Brandon Dunlap from BrightFly, these panelists will provide a diverse set of perspectives on NERC CIP challenges as well as Identity and Access Management and Data Protection components, including:

  • Attestation, Audit and Reporting
  • Provisioning and De-provisioning
  • Data Loss Protection
  • Access Authentication
  • Strong Authentication
  • Active Directory Migration

Panelist Biographies
Marvin TansleyMarvin Tansley, President | Oxford Computer Group NA

Marvin is currently the President of Oxford Computer Group (OCG) NA. Before coming to OCG in 2010, Marvin spent seventeen years with Schlumberger, the leading oilfield services provider, and was responsible for managing the company’s technology and business partnership with Microsoft in Texas. In 2007, Marvin started work at Gemalto, a smart card company created by Schlumberger.

As Vice President of Network Access Solutions, he helped establish Gemalto as the global leader in smart card-based digital identity solutions. Marvin was a Vice President for the IT and Public Sector and was responsible for the North American field operations and marketing for smart card solutions. Marvin also served as a Manager of Sales and Business development for Gemalto’s Mobile Communication business unit in Montreal and as Vice President of Marketing for Schlumberger Gas Meters and Electronics stationed in Canada, the USA, France, and Germany.

Larry CochraneLarry Cochrane, Utilities Industry Technology Strategist | Microsoft
Mr. Cochrane has broad and deep Utility Industry experience. In his current role of Industry Technology Strategist, he is responsible for strategy and architecture for the Microsoft Worldwide Utilities Industry which requires deep knowledge of technology direction and participation in industry, evolving operations, and standards and policy and the implications to emerging business models and industry operations.
During his time with Microsoft, Larry has established the technology strategy for the Microsoft Worldwide Power and Utilities vertical. He’s also expanded the Microsoft Smart Energy Reference Architecture (SERA) and has driven the SERA Advisory Council to bring Enterprise Integration and Information Architecture guidance to Utilities and Utilities Partners worldwide.

Neil RerupNeil Rerup, Enterprise Security Architect | BC Hydro

Neil Rerup is a cybersecurity entrepreneur and IT security futurist and brings the perspective as a practicing Architect in the Utilities Industry. As founder of Vancouver-based Enterprise CyberSecurity Architects (ECSA), Neil leads a strategy team that designs systems and processes to protect intellectual property, business information and customer data for some of North America’s leading companies, utilities, and government programs.

A frequent speaker on cyber threats ranging from simple hackers to hostile nation states, cybersecurity expert Neil Rerup is known for seeing around corners to anticipate the next IT security threat while devising effective defenses against organized criminal IT incursions and foiling other IT security risks.

Neil is the author of CyberPeril, the Devastating Potential of CyberSecurity Threats to Companies and Economies (and what to do about them), Available Soon (Sutton Hart).

Steve ParkerSteve Parker, President | EnergySec

Steven Parker, CISA, CISSP, is the President of the Energy Sector Security Consortium (EnergySec). He was part of the grassroots effort that led to the formation of EnergySec, and has served on its board of directors since 2008.

Steven’s experience includes more than a decade of full-time security work at critical infrastructure organizations including the Western Electricity Coordinating Council, PacifiCorp, and US Bank. He has contributed to a broad range of security projects covering areas such as e-commerce, identity management, intrusion detection, forensics, and security event monitoring. Mr. Parker is a former Regional Entity NERC CIP auditor.