CIP

RSS

NERC’s proposed virtualization-related updates to its critical infrastructure protection standards are headed for another round of revisions after an extended public comment period revealed widespread industry skepticism about the planned changes. Comments for Project 2016-02 (Modifications to CIP standards) closed on Monday following a 60-day posting. (See NERC Seeks Faster...

Electric distribution systems that carry energy to end consumers are highly vulnerable targets for cyberattacks, but these risks are "not fully" addressed by the Department of Energy’s cybersecurity strategy, according to a new report from the U.S. Government Accountability Office. GAO’s "Electric Grid Cybersecurity" report draws on interviews with officials...

FERC on Thursday approved revisions to three of NERC’s critical infrastructure protection (CIP) reliability standards, submitted last year under Project 2019-03 (Cybersecurity supply chain risks). The commission’s order approved the following standards: CIP-005-7: Cybersecurity — Electronic security perimeter(s) CIP-010-4: Cybersecurity — Configuration change management and vulnerability assessments CIP-013-2: Cybersecurity —...

Public utility commissions’ executive leadership must be willing to take a "champion" role in building their organizations’ cybersecurity expertise, according to a guideline released this week by the National Association of Regulatory Commissioners. NARUC created the guide to recognize the growing importance of electronic communication tools to utilities in their...

Thursday’s meeting of NERC’s Member Representatives Committee (MRC) saw the unanimous re-election of Trustees Robin Manning and George Hawkins, as well as the approval of two new board members: former American Public Power Association CEO Sue Kelly, and Larry Irving, president and CEO of consulting firm The Irving Group. The...

Cybersecurity ranks as the top reliability risk in the Southeast, followed by extreme weather events and the integration of variable energy resources, SERC said Tuesday during a quarterly open forum, where it reviewed its 2020 Risk Report. "One thing consistently being number one is cybersecurity threats resulting from exploitation —...

The standards drafting team (SDT) for NERC’s Project 2016-02 is accepting comments through 8 p.m. March 22 on proposed changes to the ERO’s Critical Infrastructure Protection (CIP) reliability standards that are intended to "incorporate virtualization and future technologies." Ballot pools are being formed through Feb. 19, and initial ballots and...

Industry participants support federal efforts to limit acquisition of foreign-manufactured hardware but warn that rooting it out of existing systems "presents significant challenges," according to responses to FERC’s inquiry on reliability risks from such bulk electric system equipment (RM20-19). FERC issued its Notice of Inquiry in September in response to...

Citing "general agreement" within the electric industry about the potential benefits of virtualization and cloud computing services, FERC on Thursday ordered NERC to make an informational filing on possible modifications to the critical infrastructure protection (CIP) reliability standards to allow their use (RM20-8). Thursday’s order follows a Notice of Inquiry...

FERC on Thursday proposed incentives to encourage public utilities to make cybersecurity investments above and beyond the requirements of NERC’s Critical Infrastructure Protection (CIP) standards. "As we’ve seen recently in the news this rulemaking cannot be more timely," FERC Chairman James Danly said at the commission’s open meeting Thursday, referring...