“The Federal Energy Regulatory Commission (FERC) approved eight new mandatory critical infrastructure protection (CIP) reliability standards to protect the nation’s bulk power system against potential disruptions from cyber security breaches. These reliability standards were developed by the North American Electric Reliability Corporation (NERC), which FERC has designated as the electric reliability organization (ERO)…The final rule, Mandatory Reliability Standards for Critical Infrastructure Protection, takes effect 60 days from the later of either the date Congress receives the agency notice of the rule, or the date the rule is published in the Federal Register.”
The eight CIP reliability standards address the following topics:
* Critical Cyber Asset Identification;
* Security Management Controls;
* Personnel and Training;
* Electronic Security Perimeters;
* Physical Security of Critical Cyber Assets;
* Systems Security Management;
* Incident Reporting and Response Planning; and
* Recovery Plans for Critical Cyber Assets.