The Federal Energy Regulatory Commission (FERC) is tasked with keeping our electric grid safe and maintaining reliable and secure energy for U.S. consumers. On January 20, FERC issued a Notice of Proposed Rulemaking (NOPR) that proposes to strengthen its Critical Infrastructure Protection Reliability Standards by requiring internal network security monitoring for high and medium impact
Responding to Cyber-Attacks in the Utility and Energy Sectors
To assist utilities with assessing and responding to cyber risks, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) recently issued a report on best practices to respond to and recover from cybersecurity incidents in the utility industry.
Like other industries, the utility industry is at high risk for cyber-attacks…
Cybersecurity and the Electric Grid – New GAO Report Identifies Actions Needed to Address Cybersecurity Risks
The United States Government Accounting Office (GAO) recently issued a report on the cybersecurity risks facing the electric grid. The GAO reviewed the cybersecurity of the electric grid to determine the risks and challenges facing the grid, to describe federal efforts to address those risks, to assess the extent to which the Department of Energy…
FERC Requires New NERC Reliability Standards for Reporting Cyber Incidents
The Federal Energy Regulatory Commission (FERC) announced on July 19, 2018, that it is directing the North American Electric Reliability Corporation (NERC) “to develop and submit modifications to the NERC Reliability Standards to augment the mandatory reporting of cybersecurity incidents, including incidents that might facilitate subsequent efforts to harm the reliable operation of the bulk…
NIST Issues Energy Sector Asset Management Project
According to the National Institute of Standards and Technology (NIST), the energy sector relies on industrial control systems assets to “generate, transmit, and distribute power and to drill, produce, refine, and transport oil and natural gas.” These industrial control systems include supervisory control and data acquisition (SCADA) systems, distributed control systems, programmable logic controllers and…
FERC Proposes New Cybersecurity Rules for Electric Grid
The Federal Energy Regulatory Commission (FERC) has proposed new rules to enhance cybersecurity for the electric grid in the U.S., which includes security management controls to specifically respond to risks associated with malware.
FERC suggested that the North American Electric Reliability Corporation, the nonprofit that helps regulate the U.S. electric utility industry, implement “mandatory controls…