The Federal Energy Regulatory Commission (FERC) has proposed a revision of the Critical Infrastructure Protection (CIP) Reliability Standards to enhance awareness of existing or developing cybersecurity threats to the nation’s energy infrastructure.
FERC issued a Notice of Proposed Rulemaking (NOPR) on December 21 that directs the North American Electric Reliability Corp. (NERC) to broaden CIP-008-5 (Cyber Security—Incident Reporting and Response Planning) and include mandatory reporting of cybersecurity incidents that compromise, or attempt to compromise, a responsible entity’s Electronic Security Perimeter (ESP) or associated Electronic Access Control or Monitoring Systems (EACMS).
