New cybersecurity standard a step closer
WASHINGTON DC - The North American Electric Reliability Corporation NERC is one step closer to approving a new version of the cybersecurity standard, the Critical Cyber Asset Identification CIP-002-4.
The proposed changes provide significant improvements to the existing standard by including a specific list of criteria for entities to identify their critical assets.
“Confirmation by the registered entities of their critical assets was a key priority for my first year as president and CEO of NERC,” says Gerry Cauley, President and CEO of NERC. “Recognizing that protecting cyber assets is critical to the electric utility’s infrastructure, as well as national and international security, the revisions to CIP-002-4 were advanced ahead of other cyber security standard improvements. This initial passage by the stakeholders represents a major progression in protecting the North American grid and ensuring reliability. I commend the stakeholders and the standard drafting team for the tremendous work they have done.”
CIP-002-4 is a foundational standard with the remaining CIP standards CIP-002 through CIP-009 relying on a complete and accurate identification of assets critical to reliability. Because entities are so tightly interconnected, a vulnerability that seems insignificant to a single entity can place the entire grid in a state of vulnerability.
“While NERC’s ANSI-based standard process requires a final “recirculation” ballot to allow stakeholders to confirm or modify their previous ballots, this standard appears to be on a path for approval by the end of the year or shortly thereafter,” says Cauley. The standard then goes to the NERC Board of Trustees for approval and then the new standard is filed with the with the Federal Energy Regulatory Commission for approval under provisions of the Federal Power Act section 215.
In addition to working on the implementation of the CIP-002-4 standard, NERC is expediting implementation of the NERC/Department of Energy High Impact, Low Frequency reportÂ’s geomagnetic and electromagnetic pulse recommendations. As part of this effort, NERC will establish independent validation and industry approaches to develop and deploy Geomagnetic Disturbance mitigation strategies and technologies to protect the power grid.
Related News
Kenya on Course for $5 Billion Nuclear Plant to Power Industry
KENYA - Kenya’s nuclear agency submitted impact studies for a $5 billion power plant, and said it’s on course to build and start operating the facility in about seven years.
The government plans to expand its nuclear-power capacity fourfold by 2035, the Nuclear Power and Energy Agency said in a report on the National Environment Management Authority’s website. The document is set for public scrutiny before the environmental watchdog can approve it, and pave the way for the project to continue.
President Uhuru Kenyatta wants to ramp up installed generation capacity from 2,712 megawatts as of April to boost manufacturing in East…
