On July 16, 2015, the Federal Energy Regulatory Commission (FERC) issued a proposal designed to improve the cyber security of the bulk electric system. The proposal would revise critical infrastructure protection (CIP) Reliability Standards to address risks to communication networks and related bulk electric system assets and the development of standards for supply chain management security controls to protect the bulk electric system from security vulnerabilities and malware threats.
The Notice of Proposed Rulemaking (NPR) seeks comment on seven revisions to the current CIP Reliability Standards, proposed by the North American Electric Reliability Corporation, which would modify the scope and applicability of certain CIP Standards to protect communication links and sensitive data among bulk electric system Control Centers. The NPR also seeks comments on controls for transient electronic devices used on the bulk electric system. Comments on the proposal are due within 60 days of publication in the Federal Register.