Learn About Our Partnerships.
Partner with WizNucleus and enable customers to make important decisions about their cybersecurity and regulatory compliance.
Business Partners
WizNucleus partners with a number of consulting and services companies that service the Energy Sector. We have a number of partners that have standardized on CWP as their assessment tool that makes the customer experience more efficient and makes the resulting compliance program higher quality and sustainable. Imagine service companies leaving behind a tool with all the assessment data and reports instead of hundreds if not thousands of spreadsheets.
Become A Partner Today
We are always looking for more consulting and service partners.
Technology Partners
To have a solid compliance program, it’s imperative that deep integration exist with the security program across both IT and OT infrastructure. To this end, WizNucleus has integrated CWP with a number of security technologies.
Security Product Category
SIEM (Security Information and Event Monitoring)
Cyberwiz-Pro Integration
It’s important for the compliance program to be notified and track certain security events. For example, when number of failed access/login attempts exceeds a predefined threshold. CWP has two-way integration with SIEM vendors.
- CWP receives events from the SIEM whenever a correlated event of interest to compliance tracking occurs.
- CWP sends an event to the SIEM when the alert is attended by a qualified person monitoring the compliance requirements.
Asset Management
If a customer already has assets centralized in an asset management product, CWP will integrate with it. IT asset management systems may not be adequate for meeting CIP-010 requirements. CWP integrates with asset management by:
- Importing assets from the asset management system
- Synchronizing the NERC CIP baseline in CWP with theasset management system
- Intercepting the workflow process in the asset management system with the CWP NERC CIP workflow to enforce NERC activities such as impact analysis are performed and documented
- Creating a change work order from CWP into the asset management system
Patch Management
The patch management process is an integral part of the NERC CIP System Security Management process. Planning and implementing a patch is a security process performed by the security team. However, the approval, audit, and monitoring of that process is central to CIP-007 and CIP-010. CWP integrates with the patch management process by:
- Linking the change approval process in CWP with thepatch planning and approval process
- CWP monitors changes to the baseline and will alert the patch process if an unapproved patch is installed
Configuration Integrity Monitoring
CIP-010 V5 requires active monitoring of assets for unapproved changes. CWP comes with an integrity monitoring agent to perform this function but can also integrate with other vendors that perform this function. CWP integrates by:
- Importing asset data that is automatically discovered by the CIM system
- Maintaining an approved baseline against which changes can be monitored
- CWP being notified of a change and comparing that against the approved baseline and change approvals
- Keeping an audit trail for NERC CIP reporting
Identity and Access Management
CIP-004 R4 requires tracking and auditing of personnel electronic and physical access to BES cyber assets. CWP integrates with IAM systems so that there is audit-ready documentation of approved users. CWP integration with IAM:
- Workflow integration to add/delete/change user access
- Notification of unauthorized access attempts
