Ampyx Cyber Blog
The Intersection of Regulation & Resilience
FERC’s New Proposed Rule on Supply Chain Risk Management (SCRM)
The Federal Energy Regulatory Commission (FERC) has released a new Notice of Proposed Rulemaking (NOPR) under Docket No. RM24-4-000, focusing on supply chain risk management (SCRM) for the Bulk-Power System (BPS). This proposed directive aims to fill critical gaps in existing NERC Critical Infrastructure Protection (CIP) standards and bolster the defenses of our nation’s critical infrastructure.
Is SBOM the answer?
Government and industry experts have recently pointed to software bill of materials (SBOM) as a requirement for organizations, but what are you getting? David Foose spends some time exploring aspects of SBOM fever.
A former vendor's take on CIP-013 Supply Chain Risk Management
David Foose, a former vendor, takes us on a brief walk through the history and the justifications Supply Chain Security and the birth of NERC CIP 13. With this, we explore what might have been and where it may have unfortunately veered off into constant contract negotiation entities find themselves today.
Ask An Expert
GOT A TOUGH QUESTION?
Sometimes you just need to phone a friend. Ask us anything, any time. You don’t need to be an existing or prospective client. No cost, no hassle and no commitment. We will not put you on a contact list and our sales team won’t harass you. We will always respect your privacy. We promise. Just real answers from real experts for real problems.