The IT Law Wiki

NERC Critical Infrastructure Protection

32,057pages on
this wiki
Add New Page
Add New Page Talk0

Overview Edit

The North American Electric Reliability Corporation (NERC) developed the CIP standards that require the utilities to put a baseline set of security measures in place intended to protect the bulk power system. Currently, NERC-CIP is the only mandatory requirement that must be met by the electric utilities in the area of cybersecurity-related to operations, outside of customer data privacy.

NERC-CIP has the following nine sections:

  • CIP-001 Sabotage reporting
  • CIP-002 Critical Cyber-Asset Identification
  • CIP-003 Security Management Controls
  • CIP-004 Personnel and Training
  • CIP-005 Electronic Security Perimeter
  • CIP-006 Physical Security of Critical Cyber-Assets
  • CIP-007 Systems Security and Management
  • CIP-008 Incident Reporting and Response Planning
  • CIP-009 Recovery Plans for Critical Cyber-Assets.

Source Edit

Also on Fandom

Random Wiki