Business Partners

WizNucleus partners with a number of consulting and services companies that service the Energy Sector. We have a number of partners that have standardized on CWP as their assessment tool that makes the customer experience more efficient and makes the resulting compliance program higher quality and sustainable. Imagine service companies leaving behind a tool with all the assessment data and reports instead of hundreds if not thousands of spreadsheets.

We are always looking for more consulting and services partners.

Become a WizNucleus partner today.

Become a Partner Today

We are always looking for more consulting and service partners.

Technology Partners

To have a solid compliance program, it's imperative that deep integration exist with the security program across both IT and OT infrastructure. To this end, WizNucleus has integrated CWP with a number of security technologies.

Security Product Category Cyberwiz-Pro Integration

SIEM (Security Information and Event Monitoring)

It's important for the compliance program to be notified and track certain security events. For example, when number of failed access/login attempts exceeds a predefined threshold. CWP has two-way integration with SIEM vendors.

  • CWP receives events from the SIEM whenever a correlated event of interest to compliance tracking occurs.
  • CWP sends an event to the SIEM when the alert is attended by a qualified person monitoring the compliance requirements.

Asset Management

If a customer already has assets centralized in an asset management product, CWP will integrate with it. IT asset management systems may not be adequate for meeting CIP-010 requirements. CWP integrates with asset management by:

  • Importing assets from the asset management system
  • Synchronizing the NERC CIP baseline in CWP with theasset management system
  • Intercepting the workflow process in the asset management system with the CWP NERC CIP workflow to enforce NERC activities such as impact analysis are performed and documented
  • Creating a change work order from CWP into the asset management system

Patch Management

The patch management process is an integral part of the NERC CIP System Security Management process. Planning and implementing a patch is a security process performed by the security team. However, the approval, audit, and monitoring of that process is central to CIP-007 and CIP-010. CWP integrates with the patch management process by:

  • Linking the change approval process in CWP with thepatch planning and approval process
  • CWP monitors changes to the baseline and will alert the patch process if an unapproved patch is installed

Configuration Integrity Monitoring

CIP-010 V5 requires active monitoring of assets for unapproved changes. CWP comes with an integrity monitoring agent to perform this function but can also integrate with other vendors that perform this function. CWP integrates by:

  • Importing asset data that is automatically discovered by the CIM system
  • Maintaining an approved baseline against which changes can be monitored
  • CWP being notified of a change and comparing that against the approved baseline and change approvals
  • Keeping an audit trail for NERC CIP reporting

Identity and Access Management

CIP-004 R4 requires tracking and auditing of personnel electronic and physical access to BES cyber assets. CWP integrates with IAM systems so that there is audit-ready documentation of approved users. CWP integration with IAM:

  • Workflow integration to add/delete/change user access
  • Notification of unauthorized access attempts