CIP 010 – Cyber Security — Configuration Change Management and Vulnerability Assessments

Purpose: Prevent and detect unauthorized changes to BES Cyber Systems by specifying configuration change management and vulnerability assessment requirements in support of protecting BES Cyber Systems from compromise that could lead to misoperation or instability in the BES.

Key Challenges:

  • Develop and maintain baseline configurations
  • Record and document any change that deviate from the baseline configuration
  • Update the baseline. configuration after a change
  • Test or verify security the controls impacted by a change
  • Monitor the baseline configuration every 35 days
  • Conduct vulnerability assessments.

Cyberwiz-Pro Delivers:

  • Automates configuraiton baselining efforts
  • Automates change control process
  • Delivers change control workflows
  • Monitors changes to baseline configuration
  • Automates vulnerability assessment
  • Automates security actions (with integration)
  • Automates risk assessment

Benefits:

  • Streamlines configuration management
  • Eliminates the pain of change control management
  • Eliminates errors and decreases inefficiency
  • Automated vulnerability support
  • Automated risk assessment
  • Implementation prioritization based on asset impact rating, vulnerability and risk