Power Engineering

Beyond the NERC CIP 5 Deadline: Steps for Tighter Security Now

In August 2014, NERC published its Cyber Security Reliability Standards CIP V5 Transition Guidance. The deadline to comply with NERC CIP 5, as it’s called, was scheduled for April 1, 2016. Many U.S.
T&D

How Much CIP Security is Good Enough?

Any discussion around security and how much is good enough for utilities is framed by standards, how well those standards are implemented, and risk. In the U.S., the security of the electric utility ...
Security

Bow Networks, GarrettCom Provide Vision of NERC CIP Secure Access Management to Power Utilities

HOUSTON , Oct. 13 /PRNewswire/ -- As the next NERC CIP compliance deadlines grow near, power utilities are homing in on solutions. Bow Networks' president, Jeff Gill , and GarrettCom's EVP, John Shaw ...
JD Supra

FERC Directs NERC to Study Bulk Electric System's Internal Cybersecurity Gaps

FERC initiated this proceeding with a Notice of Proposed Rulemaking (the "NOPR") in early 2022.[4] In the NOPR, FERC raised the issue of a regulatory gap in Critical Infrastructure Protection ("CIP") ...
Security

FERC, NERC Confront Security Risks of Unprotected Process Sensors

A growing chorus of experts warns that process sensors — long excluded from cybersecurity standards due to their non-routable protocols — pose a critical risk to the electric grid as FERC and NERC ...
CSR Wire

NERC CIP Standards for Threat Visibility & Detection for Critical Infrastructure

Grid modernization has created an explosion of network-connected equipment, exposing utilities to a wide range of potential threats from nation states, criminals, disgruntled employees, and accidental ...
Network World

Do You Know about these Real-Life NERC CIP SCADA Vulnerabilities?

Most security operations people I’ve spoken with at electrical utilities have a good handle on the security vulnerabilities within their own SCADA environments. Their problem is convincing their ...
T&D

Cyber Security Solution is NERC-CIP-Compliant

RuggedCom introduced a new NERC (North American Electric Reliability Council) CIP (Critical Infrastructure Protection) Cyber Security solution at the 2007 DistribuTECH show in San Diego. RuggedCom ...
Power Engineering

The Evolution of Cyber Security

The electric power industry is a relatively exposed component of the nation’s infrastructure. Vulnerabilities to natural disasters, system disruptions and human ...
E&E

Grid hack exposes troubling security gaps for local utilities

When Washington state utility executive Benjamin Beberness dug into what was behind the crippling cybersecurity blackout in Ukraine, the details were chilling, not only because of their malevolent ...
Network World

Can you Sell these NERC CIP Mitigation Steps to Executive Management?

Last week I described real life SCADA vulnerabilities. My intent was to assist IT security people to dialogue with their executive management about security budgets. This week I will continue by ...
JD Supra

Registered Entities: Expect a Significant Increase in NERC’s Focus on Physical Security

There are no unimportant North American Electric Reliability Corporation (NERC) reliability standards, but from time to time, NERC and the Regional Entities (Regions) place greater emphasis on certain ...