The Federal Energy Regulatory Commission (“FERC”) issued a final rule (Order No. 887) directing the North American Electric Reliability Corporation (“NERC”) to develop new or modified Reliability Standards that require internal network security monitoring (“INSM”) within Critical Infrastructure Protection (“CIP”) networked environments. This Order may be of interest to entities that develop, implement, or maintain hardware or software for operational technologies associated with bulk electric systems (“BES”).
The forthcoming standards will only apply to certain high- and medium-impact BES Cyber Systems. The final rule also requires NERC to conduct a feasibility study for implementing similar standards across all other types of BES Cyber Systems. NERC must propose the new or modified standards within 15 months of the effective date of the final rule, which is 60 days after the date of publication in the Federal Register. Continue Reading FERC Orders Development of New Internal Network Security Monitoring Standards