The only real security that a man can have in this world is a reserve of knowledge, experience and ability. – Henry Ford
The Anfield Group has collected a breadth of resources that we believe are important enough to place on our website. There is vast amount of information out there on almost every subject. As with anything in life, the quality of our knowledge is limited by the source we obtain it from. We believe these resource links (below) to be authoritative in nature or expert enough to share. We hope you find them useful.
NERC Standards Mapping to Critical Security Controls
SANS and The Anfield Group developed poster
NERC CIP Version 5 Top Ten Transition Challenges
The Anfield Group flyer on what has been determined by many utilities as the top ten transition challenges that NERC CIP Version 5 introduces.
NIST Cybersecurity Framework
Voluntary framework for reducing cyber risks to critical infrastructure
FERC’s Policy Statement on Compliance
FERC’s guidance to the public on compliance with their governing statues, regulations and orders.
Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2)
Comprises of a maturity model, an evaluation tool, and DOE facilitated self-evaluations
NRC’s Cyber Security Regulations (10 CFR Part 73.54)
Mandatory cyber security plan addressing the NRC requirements listed in this section
NRC’s Physical Protection of Plants and Materials (10 CFR Part 73)
Requirements for the establishment and maintenance of a physical protection system
DHS Strategy for Securing Control Systems
The primary goal of the Strategy is to build a long-term common vision where effective risk management of control systems security can be realized through successful coordination efforts.