Deloitte and Exelon Team for Critical Infrastructure Protection Addressing Cybersecurity Risk

Aug 03, 2015, 07:06 ET from Deloitte

NEW YORK, Aug. 3, 2015 /PRNewswire/ -- Deloitte, the leading provider of cyber risk advisory services, and Exelon, the nation's leading competitive energy provider, today announced their collaboration to protect the reliability of the Bulk Electric System with the implementation of the North American Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Version 5 standards.

Cybersecurity is constantly evolving and regulatory requirements periodically adjust to update standards for security measures. The NERC CIP Standards are part of the utility industry's regulatory requirements designed to promote reliability of the Bulk Electric System, and are changing the way utilities address cyber security controls.

"Exelon's leadership in critical infrastructure protection is helping to improve the cybersecurity and reliability of its electric system," said Ed Powers, principal, Deloitte & Touche LLP, U.S. leader of cyber risk services. "While regulatory requirements are an important factor, business leaders should assess their risk environment to create a robust cyber risk program that goes beyond compliance.  Exelon is doing just that with demonstrated collaboration among their executives, generation, utility and IT professionals driving innovation, and expanding their NERC CIP compliance activities to something that could generate business value."

"Exelon has a strong track record of delivering safe, reliable power to customers, and avoiding outages is one of our top priorities," said Mark Browning, CIO for Exelon Utilities. "Through this project, Exelon is building on those efforts by blending best practices in security, reliability and compliance to protect the Bulk Electric System and the customers we serve."

Together, Deloitte and Exelon are identifying ways to efficiently and effectively apply good security practices and meet regulatory obligations at the same time; and develop and deploy processes, procedures and controls that meet the objectives of NERC CIP v5 standards. Preparedness and preemptive measures give companies better ability to minimize the potential damages from a cyber incident. To be in step with today's threat environment, utilities are required to implement compliance programs and practice discipline around security controls.

About Deloitte Cyber Risk Services
As part of the market-leading Advisory practice, Deloitte's Cyber Risk Services help complex organizations more confidently leverage advanced technologies to achieve their strategic growth, innovation and performance objectives through proactive management of the associated cyber risks. With deep experience across a broad range of industries, Deloitte's more than 1,800 Cyber Risk Services practitioners provide advisory and implementation services, spanning executive and technical functions, to help transform legacy IT security programs into proactive, secure, vigilant and resilient cyber risk programs that better align security investments with risk priorities, establish improved threat awareness and visibility, and strengthen the ability of organizations to thrive in the face of cyber incidents.

About Deloitte Advisory
Deloitte Advisory helps organizations turn critical and complex business issues into opportunities for growth, resilience and long-term advantage. Our market-leading teams help our clients manage strategic, financial, operational, technological, and regulatory risk to maximize enterprise value, while our experience in mergers and acquisitions, fraud, litigation, and reorganizations helps clients move forward with confidence.

As used in this document, "Deloitte" means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. These entities are separate subsidiaries of Deloitte LLP. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

Logo -

SOURCE Deloitte