What is interactive remote access?
Interactive Remote Access means user-initiated access by a person employing a remote access client or other remote access technology using a routable protocol.
What is NERC CIP access?
NERC Critical Infrastructure Protection (NERC CIP) is a set of requirements designed to secure the assets required for operating North America's bulk electric system.
What is NERC in cyber security?
The NERC CIP standards require utility companies in North America to establish and adhere to a baseline set of cybersecurity measures. The goal is to ensure that appropriate security controls are in place to protect BES and its users and customers from all threats that may affect its timely and effective functioning.
What is external routable connectivity?
External Routable Connectivity (ERC) – The ability to access a BES Cyber System from a Cyber Asset that is outside of its associated Electronic Security Perimeter via a bi-directional routable protocol connection.
What requirements must be met to obtain CIP access?
The requirements include policies meant to restrict access to physical assets, implement physical access controls, monitor unauthorized access, implement an alert system, continually monitor physical access controls, keep extensive logs of physical access, and maintain the physical access control systems over time.
Is NERC CIP mandatory?
The NERC CIP standards are the mandatory security standards that apply to entities that own or manage facilities that are part of the U.S. and Canadian electric power grid.
What are NERC standards?
NERC Reliability Standards define the reliability requirements for planning and operating the North American bulk power system and are developed using a results-based approach that focuses on performance, risk management, and entity capabilities.
How many NERC standards are there?
11 standardsThe NERC CIP consists of 11 standards that are for protection against cybersecurity attacks. Not only does it offer protection but it offers the opportunity to create help protection plans and habits within your company. Assess your NERC CIP Compliance!
What is NERC training?
The purpose of the training is to assist reporters in using a uniform approach to reporting and measuring North American generating plant availability, performance, and other related reliability data.
Why is NERC CIP important?
This is one of the most important standards of all. It ensures that all responsible parties have recovery plans in place in the event of a critical attack that could damage infrastructure or halt the operation of a critical asset.
What does NERC stand for?
About NERC. The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the effective and efficient reduction of risks to the reliability and security of the grid.
What is the intent of the NERC CIP standards?
The primary purpose of NERC CIP-003-6 is to establish clear accountability for the protection of the BES Cyber Systems of North America through the delegation of authority and the identification of a senior manager responsible for the policy development of consistent and sustainable security management controls.
Who has to follow NERC standards?
Regardless of weather, personnel training, or cyberthreats, it takes planning, oversight, coordination, and standards to keep electricity flowing to the over 300 million users across North America. The work and regulatory oversight of NERC provides the protections needed for this critical infrastructure.