The goal is to increase coordination between the public and private sectors in cyber security and raise the profile and priority of cyber security across the electric industry. This year, NERC has been busy expanding its cyber security standards and assessments. Here’s a list of recent programs:
Revised cyber security standards recently approved (additional revisions are under way). In May 2009, NERC approved revisions to its eight cyber security standards after the proposed revisions reached an 88 percent approval rating. The standards have been fielded for regulatory approval by the United States and are already mandatory and enforceable in Canada. Work on phase two revisions continues with initial industry validation on track for the fourth quarter of 2009.
Special cyber risk preparedness assessment to begin. An industry-led voluntary assessment will soon begin to focus on detection, response and mitigation capabilities for cyber incidents. The assessment is coordinated by NERC and it will look beyond NERC’s current cyber security standards for practices, procedures and technologies that contribute to cyber preparedness across the industry.
Secure alerting portal enters pre-launch testing phase. NERC’s next-generation secure alerting portal has begun beta testing in preparation for formal launch in this summer. The new portal will facilitate NERC’s alerts process, which will allow NERC to notify nearly 5,000 industry personnel at utilities, grid operation centers, power plants and transmission facilities of emerging vulnerabilities.
Electric industry education initiative. NERC is finishing up plans to conduct a series of educational events designed to help power companies comply with cyber security standards. The sessions will also promote a better understanding of the effect of cyber risks. These will begin with a series of webinars.
Related Feature - Cyber Security—A Must for the Grid
To read the feature article relating to this story, go to www.automationworld.com/feature-5824.