Achieving Compliance In The Smart Grid
In the energy business, strict compliance mandates could be all that stands between business as usual and a catastrophic, long-term power outage
[Excerpted from "Achieving Compliance In The Smart Grid," a new report published this week in Dark Reading's Compliance Tech Center.]
Every industry poses a unique set of challenges for security pros, but of all the industry verticals that we interact with on a daily basis, can you think of one more important or vital to our national security interests than the energy sector? An abrupt, large-scale power outage would be devastating, causing significant loss of life and billions of dollars in damages. That's why compliance in this arena is so important.
While the Bulk Electric System (BES) is particularly vulnerable, any utility that’s controlled by IP-connected SCADA systems is potentially vulnerable to manipulation or attack with catastrophic effects. The Critical Infrastructure Protection (CIP) reliability standards define the cybersecurity-related aspects of how BES providers must protect their systems to maintain the reliability of the grid.
As compliance mandates go, CIP is one of the most stringent and labor-intensive you will come up against. With that said, CIP is also a treasure trove of best practices even if you work outside of the energy space. CIP is split into nine core sections, each including a mandate. The sections that specifically pertain to smart grid cybersecurity are CIP-002 through CIP-009.
For a deeper look at all of the security-related CIP requirements -- and best practices for complying with each of them -- download the free report on NERC/CIP compliance.