Case Study: Tucson Electric Power achieves NERC compliance and centralized vulnerability management with Flexera (Secunia Vulnerability Intelligence Manager)

Tucson Electric Power Commissions Secunia’s Vulnerability Intelligence Manager for NERC Compliance

Tucson Electric Power (TEP), which supplies power to over 400,000 customers in the Tucson area and supports renewable-energy incentives, needed to upgrade its security processes to meet NERC Critical Infrastructure Protection (CIP) compliance. IT security relied on fragmented vendor notifications and manual checks across departments, making it difficult to centrally track vulnerabilities and respond within required timeframes.

TEP implemented Secunia’s Vulnerability Intelligence Manager (VIM), giving them centralized coverage of vulnerabilities across generation, transmission, distribution and IT (Secunia’s database covers over 40,000 systems and applications). The VIM enabled automated notifications, group reporting and consolidated tracking of vulnerabilities and patches, greatly reducing manual effort, speeding assessments to meet the 30-day NERC requirement, and helping TEP maintain compliance with improved visibility and vendor support.

Tucson Electric Power

Lisa Capristo

IT Security & Compliance Manager