FERC Finalizes Cybersecurity Standards for Grid Supply Chain

The Federal Energy Regulatory Commission approved new mandatory reliability standards Thursday to deal with cybersecurity risks to the supply chain management for the U.S. bulk electric system.

FERC’s final rule approves standards proposed by the North American Electric Reliability Corp. These critical infrastructure protection (CIP-013-1) standards deal with supply chain risk management for industrial control system hardware, software, computing and networking services.

The Commission notes that while the global supply chain provides opportunity for significant benefits to customers, it also presents opportunities to affect management or operations of generation or transmission companies that may result in risks to end-users.

In today’s final rule, FERC said NERC’s supply chain risk management Reliability Standards require each affected entity to develop and implement a plan that includes security controls for supply chain management for industrial control system hardware, software and services associated with bulk electric system operations.

Read more…
Source: Power Engineering