What is the North American Electric Reliability Corporation (NERC?)
Throughout North America there runs an interconnected network of electricity comprised of transmission and control centers referred to as the bulk electric system. The bulk electric system is directly responsible for providing generation resources to local electrical systems located throughout the continent. In the United States, bulk power is regulated, monitored and protected by the North American Electric Reliability Corporation (NERC).
Should the bulk electric system ever be compromised through a cyberattack, the effects would be devastating. In fact, according to the U.S. Cyber Consequence Unit, even one wave of cyberattacks on critical infrastructure in the U.S. alone could exceed $700 billion worth of damage. Such a disaster would be akin to 50 large-scale hurricanes striking at once.
Such an invasion is simply not an option. Therefore, the NERC takes measures to ensure that the bulk electric system and its critical assets remain free of third-party tampering. The NERC establishes critical asset protection through eight CIP standards. Failure to comply with these standards could cost an organization upwards of $1,000,000—per day.
In order to be considered in good standing with the NERC, a utility company must undergo a thorough inspection. Here is a list of at the eight standards an organization needs to be aware of in order to stay in compliance with the NERC:
- Critical Cyber Assets
- Security Management Controls
- Personnel and Training
- Electronic Security
- Physical Security
- Systems Security Management
- Incident Reporting and Response Planning
- Recovery Plans
For a detailed look at how your company can stay in compliance with NERC standards and avoid being penalized, check out this whitepaper.