Download:
pdf |
pdfJanuary 21, 2016
News Media Contact
Craig Cano | 202-502-8680
Docket No. RM15-14-000
Item No. E-2
FERC Adopts Improvements to Critical Infrastructure Protection Standards
The Federal Energy Regulatory Commission (FERC) acted today to improve the cyber security of the bulk electric
system by approving revisions to seven critical infrastructure protection (CIP) Reliability Standards, including
requirements for personnel and training, physical security of the bulk electric system’s cyber systems and information
protection.
Today’s final rule adopts revisions proposed in a July 16, 2015, Notice of Proposed Rulemaking (NOPR). It also directs
the North American Electric Reliability Corporation (NERC), the Commission-certified electric reliability organization,
to develop modifications to address:
•
•
•
Protection of transient electronic devices used at low-impact bulk electric system cyber systems;
Protections for communication network components between control centers; and
Refinement of the definition for low-impact external routable connectivity.
Further, NERC must conduct a study that assesses the effectiveness of the CIP remote access controls, the risks posed
by remote access-related threats and vulnerabilities, and appropriate mitigating controls.
The rule does not address a proposal in the NOPR directing NERC to develop requirements for supply chain
management for control system hardware, software and services. That proposal will be the subject of a January 28,
2016, staff-led technical conference, after which the Commission will determine the appropriate next step.
The final rule takes effect 65 days after publication in the Federal Register.
R-16-9
(30)
File Type | application/pdf |
File Title | Headline |
Author | cncea |
File Modified | 2016-01-21 |
File Created | 2016-01-21 |