Feds revise power grid cybersecurity standardDavid Wagman | June 24, 2019
The Federal Energy Regulatory Commission (FERC) voted to expand reporting requirements for cyber incidents involving attempts to compromise operation of the electric power grid.
The approved new Critical Infrastructure Protection Reliability Standard CIP-008-6 (Cyber Security — Incident Reporting and Response Planning) now requires reporting of cybersecurity incidents that either compromise or attempt to compromise electronic security perimeters, electronic access control or monitoring systems, and physical security perimeters associated with cyber systems.
FERC said the new Reliability Standard also encompasses disruptions or attempts to disrupt the operation of a bulk electric system's cyber systems. (Read the FERC order.)
Under the standard, each responsible entity will be required to develop criteria for identifying an attempt to compromise a cyber asset and then apply those criteria during its cybersecurity incident identification process.
The action is intended to close a gap in the prior Critical Infrastructure Protection Reliability Standards that required entities to report only when an incident had compromised or disrupted one or more reliability tasks.
FERC previously directed the North American Electric Reliability Corp. (NERC) to enhance the reporting of cybersecurity incidents out of concern that the existing standards may understate the true scope of threats by excluding from reporting incidents that could facilitate subsequent efforts to harm the reliable operation of the grid.
The revised standard also addresses the information to be included in cybersecurity incident reports, their dissemination and deadlines for filing. Reports and updates will be sent to the Electricity Information Sharing and Analysis Center and the Department of Homeland Security’s National Cybersecurity and Communications Integration Center.