This document is an appendix to "Evaluating the prudency of cybersecurity investments: Guidelines for Energy Regulators". It is intended as a reference text for the section discussing EPRI cybersecurity metrics, i.e. the most mature and comprehensive system of indicators to assess the effectiveness of countermeasures to reduce cyberrisk. EPRI CS metrics is based on 120 data points. These provide operational statistics collected from various points in utility operations. The data points that provide the metrics foundations are all measurable quantities. The simple indicators are the bases for the calculation of scores. The source of the list presented in this appendix is the EPRI report: Suh-Lee, C. (2017). Cyber Security Metrics for the Electric Sector: Volume 3. Palo Alto, CA: EPRI. The report is freely available from https://www.epri.com/#/pages/product/3002010426/?lang=en-US
EPRI CYBER SECURITY METRICS
Ugo Finardi;Alberto Stefanini
2020
Abstract
This document is an appendix to "Evaluating the prudency of cybersecurity investments: Guidelines for Energy Regulators". It is intended as a reference text for the section discussing EPRI cybersecurity metrics, i.e. the most mature and comprehensive system of indicators to assess the effectiveness of countermeasures to reduce cyberrisk. EPRI CS metrics is based on 120 data points. These provide operational statistics collected from various points in utility operations. The data points that provide the metrics foundations are all measurable quantities. The simple indicators are the bases for the calculation of scores. The source of the list presented in this appendix is the EPRI report: Suh-Lee, C. (2017). Cyber Security Metrics for the Electric Sector: Volume 3. Palo Alto, CA: EPRI. The report is freely available from https://www.epri.com/#/pages/product/3002010426/?lang=en-USI documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.