NERC to improve protection response to critical infrastructure

by Electricity Forum

PRINCETON, NEW JERSEY - Rick Sergel, president and CEO of the North American Electric Reliability Corporation (NERC), recently announced the organizationÂ’s plans to improve its response to cyber security and critical infrastructure protection concerns for the bulk power system in North America.

Revealed to NERCÂ’s board of trustees and stakeholders in a letter, the plan outlines six specific actions that will lay the foundation for improving grid reliability by enabling faster and more effective action to protect critical assets from cyber or physical threats.

These actions arise from NERCÂ’s recent interaction with various organizations, notably including the House Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology of the House Homeland Security Committee, whose efforts have been instrumental in emphasizing the urgency and priority of this critical issue.

“Cyber security is a critical component of grid reliability, but is, by its nature, fundamentally different from any other reliability concern we currently address through our standards, analysis, or enforcement programs,” commented Rick Sergel, president and CEO of NERC. “It therefore requires a different approach; one that allows for more expedient treatment of critical information, urgent action on standards, and more thorough threat analysis and risk assessment.”

“As the Electric Reliability Organization in the U.S. and home to the Electric Sector Information Sharing and Analysis Center (ES-ISAC), we are seeking to enhance and focus our existing efforts by putting the organizational structure in place to better support a more comprehensive treatment of these critical issues,” he continued. “One of our key initiatives in this area is the recent formation of the Electric Sector Steering Group (ESSG), comprised of five industry chief executives, a NERC board member, and of which I am the Chairman. The group will be instrumental in guiding NERC as we execute the plans announced today.”

Commenting on today’s announcement, Barry Lawson, Chair of NERC’s Critical Infrastructure Protection Committee (CIPC), stated “NERC’s ongoing efforts to improve its ability to respond quickly and efficiently to cyber and physical security threats are critically important to reliability of the bulk power system and the CIPC continues to be supportive of their successful execution.”

Specific actions, as detailed in the letter, include:

Increasing NERC Expertise on Critical Infrastructure Protection and Cyber Security — NERC will formally establish the Critical Infrastructure Protection program as one of NERC’s program functions, alongside existing standards development, compliance and enforcement, and reliability assessment program areas. The establishment of this program will include the staffing of a Chief Security Officer position, who will serve as the single point of contact for the industry, the ESSG, and government regulators and stakeholders seeking to communicate with NERC on cyber and infrastructure security matters.

Consider Alternative Standard Setting Process for Cyber Security Standards —NERC will establish a task force to review, and where appropriate recommend, a standard setting process for cyber security that will include an emergency/crisis standards setting process. This process must provide a level of due process and technical review, but also provide the speed necessary to establish standards quickly and respond seamlessly to government agencies in the U.S. and Canada.

Expedited Review of Existing Cyber Standards —Working through the Standards Committee, NERC also seeks to accelerate the comprehensive review of its eight existing critical infrastructure protection standards to fully incorporate the directives from FERC, including the consideration of the extent to which elements of the National Institute of Standards and Technology (NIST) standards should be incorporated therein or within new standards.

Facilitate Joint Collaboration on Cyber Security — NERC, working with the Federal Energy Regulatory Commission in the U.S. and relevant governmental authorities in Canada, will organize a briefing for the ESSG, the NERC CEO, and senior level utility executives across all stakeholder groups on cyber security threats.

Related News

ontario electricity future

Ontario's electric debacle: Liberal leadership candidates on how they'd fix power

TORONTO - When Kathleen Wynne’s Liberals went down to defeat at the hands of Doug Ford and the Progressive Conservatives, Ontario electricity had a lot to do with it. That was in 2018. Now, two years later, Ford’s government has electricity issues of its own.

Electricity is politically fraught in Ontario. It’s among the most expensive in Canada. And it has been mismanaged at least as far back as nuclear energy cost overruns starting in the 1980s.

From the start Wynne’s government was tainted by the gas plant scandal of her predecessor Dalton McGuinty and then she created her own with the…

READ MORE
UK in a Changing Europe

Opinion: UK Natural Gas, Rising Prices and Electricity

READ MORE

Las Pailas plant, Costa Rica

Costa Rica hits record electricity generation from 99% renewable sources

READ MORE

powerlines

The Banker Trying to Fix the UK's Electricity Grid

READ MORE

powerlines

Data Center Boom Poses a Power Challenge for U.S. Utilities

READ MORE