NERC CIP compliance was a reason many participants in the BES would not deploy workloads to the cloud. NERC CIP version 6 is now in force. NERC has recognized the change in the technology landscape including the security and operational benefits that well architected use of the cloud has to o...
The article focuses on the Version 5 of North American Electric Reliability Corp. Critical Infrastructure Protection (NERC CIP) standards. It says that the most notable change in the version is the tiered impact rating system, which categlorized bulk electric system (BES) Cyber Systems into High...
1 and CIP-011-1 are not the same standards as those posted for this comment/ballot period.The version of CIP-010 posted May 4 – June 3, 2010 addressed requirements associated with an earlier version of CIP-002, and the version of CIP-011 posted May 4 – June 3, 2010 was a single ...
CIP-006-6 R1-1.10 discusses the delivery of data to and from PSPs. The rich set of access control and encryption features on the Cisco well-established suite of secure gateways, routers, and firewalls are both standards based and fully interoperable with numerous vendors. The Grid Security Arc...
The Federal Energy Regulatory Commission (FERC) approved the Version 5Version 5 Critical Infrastructure Protection (CIP) Standards proposed by the North American Electric Reliability Corporation (NERC) on November 22, 2013, with some notable caveats. Version 5 applies a new approach to Bulk Electric ...
CIP-002-5, Requirement R1, Attachment 1: Criterion 2.5 and Generation Interconnection Version: October 1, 2015 Authorized by the Standards Committee on October 29, 2015 for posting as a supporting reference pursuant to section 11 of the Standard Processes Manual.This document is designed to ...
During old CIP Version 3 audits, I have seen words like "significant," "annual" and other non-defined terms used in every possible way you could imagine. Of course, some of that language has been cleaned up in the modern CIP standards, but you get the point. If you do have an undefi...
This article discusses implications of NERC CIP standards on cloud computing. It explores compliance assurances that cloud service providers can furnish to registered entities subject to compliance with NERC CIP standards.
R1. Each Responsible Entity shall implement one or more documented physical security plan(s) that collectively include all of the applicable requirement parts in CIP-006-6 Table R1 – Physical Security Plan. Rationale for Requirement R1: Each Responsible Entity shall ensure that physical access to...
This blog provides an in-depth overview of NERC CIP-015 compliance requirements, focusing on the importance of internal network security monitoring (INSM) for electric utilities. Learn about the NERC CIP-015 standards adopting internal network security m