Ampyx Cyber Blog
The Intersection of Regulation & Resilience
CIP-015 Clarified: Mixed-use PACS/EACMS and What’s Actually In Scope
FERC Order 907-A clarifies CIP-015 on shared networks. INSM must monitor only east-west traffic used for access monitoring of EACMS and PACS. Non-CIP assets and data flows are out of scope, even in mixed-use or commingled PACS/EACMS environments. Learn practical patterns to filter collection, segment analytics, and produce audit-ready evidence.
Monitoring Meets Mandate: Will the Next CIP-015 Standard Deliver on FERC’s Vision?
FERC approved CIP-015-1, but also ordered NERC to expand it. The new SAR outlines how INSM requirements will extend beyond the ESP to include EACMS and PACS systems. This post breaks down how the SAR aligns with FERC’s directive, what still needs attention, and why internal visibility is no longer optional.
FERC Finalizes INSM Standard: CIP-015-1 and the New Visibility Mandate for the Grid
On June 26, the Federal Energy Regulatory Commission issued Order No. 907, approving the new NERC Reliability Standard CIP-015-1: Cyber Security – Internal Network Security Monitoring (INSM). This marks a critical shift in how we approach cybersecurity within the Bulk Electric System. It also raises the bar significantly on what’s expected for visibility inside the network perimeter.