Utility companies nationwide are angst-ing about Friday. Not because it’s a long weekend, but because July 1 marks the end of the extended deadline for compliance – imposed by the Federal Energy Regulation Commission (FERC) – with NERC’s(N. American Electric Reliability Corp.) Critical Infrastructure Protection (CIP) V5 standards.
Why is this important?
- Organizations in NERC’s jurisdiction serve more than 334 million people, and includes users, owners, and operators of the bulk power system.
- America’s energy plants and other critical infrastructure are immensely dependent on technology, yet legacy devices in our nation’s power grids don’t even have the memory necessary to be upgraded
- Our national power and utilities plants at imminent risk for attack – the likes of which we’ve recently seen in Japan, Ukraine.
In anticipation of this looming deadline, here’s a statement from Ray Rothrock, cybersecurity expert and CEO of RedSeal.
Ray Rothrock, Cybersecurity Expert and CEO at RedSeal:
“Critical infrastructure organizations need to act immediately, and anything less is failing to recognize that compliance means protecting the populace from the consequences of attacks intended to damage a nation. U.S. citizens have the right to expect that their country is building the necessary network models, and ensuring automated analysis and auditing of the as-built network to create essential cyber security and digital resilience; as well as aligning those efforts with industry best practices as reflected in the NERC CIP compliance requirements. Delays rarely result in what the various parties hope, as demonstrated by previous delays in the Payment Card Industry Data Security Standard, however I hope the extra time means compliance – and resilience – is on the horizon.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…