NERC CIP (the North American Electric Reliability Corporation Critical Infrastructure Protection program) is an set of international requirements intended to secure the critical infrastructure for North America's bulk electric system. The requirements control cyber assets and infrastructure, such as electronic security perimeters, as well as physical assets. NERC CIP compliance applies to companies – owners, operators, and users – that materially impact" the reliability of our bulk power system. While a compliance failure can be addressed, a cyber incident involving a utility could be disastrous, keeping risk and compliance managers awake at night.
The NERC requires policies for defining, monitoring, and changing the configuration of critical assets, as well as defined, dynamic policies governing access to those assets. Risk and compliance managers must develop standards, provide ongoing risk assessment, plan for business continuity in case of disruption, enforce IT controls, and share important information with different stakeholder around the company.
Thank you for subscribing! Please be sure that @navexglobal.com is on your company's safe sender list to ensure our emails reach your inbox!