Join us for the second installment of the MRO Case Files webinar series: “MRO Case Files: A NERC CIP-015 Investigation” This session takes a practical, investigative approach to unpacking the CIP-015 R1 requirement, with a focus on how organizations can effectively implement network data feeds within an Internal Network Security Monitoring (INSM) program.

Through real-world context and technical insight, this webinar will explore how to design and operationalize INSM capabilities that strengthen your ability to detect anomalous or unauthorized network activity—ultimately improving response and recovery outcomes in the face of evolving cyber threats.

You’ll gain valuable perspectives across three core areas:

• INSM Visibility and Context — understanding what data matters
• Risk-based rationale for monitoring network activity — aligning detection strategies with operational priorities
• Frontline considerations and Vendor insights — practical guidance from experts working in the field

This session features industry experts from Dragos, Nozomi Networks, and Schweitzer Engineering Laboratories, who will share firsthand experience, lessons learned, and actionable recommendations to help you advance your monitoring strategy.

Be part of the conversation and deepen your approach to securing critical network environments.