Utility companies nationwide are angst-ing about Friday. Not because it’s a long weekend, but because July 1 marks the end of the extended deadline for compliance – imposed by the Federal Energy Regulation Commission (FERC) – with NERC’s(N. American Electric Reliability Corp.) Critical Infrastructure Protection (CIP) V5 standards.
Why is this important?
- Organizations in NERC’s jurisdiction serve more than 334 million people, and includes users, owners, and operators of the bulk power system.
- America’s energy plants and other critical infrastructure are immensely dependent on technology, yet legacy devices in our nation’s power grids don’t even have the memory necessary to be upgraded
- Our national power and utilities plants at imminent risk for attack – the likes of which we’ve recently seen in Japan, Ukraine.
In anticipation of this looming deadline, here’s a statement from Ray Rothrock, cybersecurity expert and CEO of RedSeal.
Ray Rothrock, Cybersecurity Expert and CEO at RedSeal:
“Critical infrastructure organizations need to act immediately, and anything less is failing to recognize that compliance means protecting the populace from the consequences of attacks intended to damage a nation. U.S. citizens have the right to expect that their country is building the necessary network models, and ensuring automated analysis and auditing of the as-built network to create essential cyber security and digital resilience; as well as aligning those efforts with industry best practices as reflected in the NERC CIP compliance requirements. Delays rarely result in what the various parties hope, as demonstrated by previous delays in the Payment Card Industry Data Security Standard, however I hope the extra time means compliance – and resilience – is on the horizon.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…