Ampyx Cyber Blog
The Intersection of Regulation & Resilience
FERC’s New Proposed Rule on Supply Chain Risk Management (SCRM)
The Federal Energy Regulatory Commission (FERC) has released a new Notice of Proposed Rulemaking (NOPR) under Docket No. RM24-4-000, focusing on supply chain risk management (SCRM) for the Bulk-Power System (BPS). This proposed directive aims to fill critical gaps in existing NERC Critical Infrastructure Protection (CIP) standards and bolster the defenses of our nation’s critical infrastructure.
Reporting Cyber Incidents under DHS CIRCIA’s Proposed Rulemaking
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) on April 4, 2024 published its proposed rules requiring critical infrastructure entities to report significant cyber incidents and ransom payments to CISA. The proposed regulations are intended to consolidate, fortify, and strengthen the United States’ cyber defenses in critical infrastructure (CI) sectors.
Embracing AI for the Electric Grid: Insights from NERC
In the rapidly evolving landscape of the electric sector, the integration of cutting-edge technologies is not just an option; it's a necessity. Among these, artificial intelligence (AI) stands out as a transformative force, offering unprecedented opportunities to enhance grid reliability, security, and efficiency. Recognizing this potential, the North American Electric Reliability Corporation (NERC) has provided insightful comments on how AI can be harnessed to address the challenges and opportunities within the electric grid.
CIP-015: The Crucial Role of INSM in Strengthening Grid Security
introduction of CIP-015, a new regulation aimed at enhancing grid security by mandating Internal Network Security Monitoring (INSM) for high and medium impact Bulk Electric System (BES) Cyber Systems. This development, initiated by FERC Order No. 887, responds to the need for robust monitoring within trusted network zones to detect and mitigate potential cyber threats. CIP-015 emerges as a standalone standard after industry feedback suggested that INSM requirements did not align well with existing frameworks, shifting towards an objective-based rather than prescriptive approach.
FERC Chairman's Reliability Report: A Year in Review
In 2023, FERC Chairman Willie L. Phillips' report highlighted advancements in U.S. power grid reliability, focusing on enhanced cybersecurity measures, physical grid security improvements, and resilience against extreme weather. Key initiatives included the implementation of new cybersecurity standards, incentive-based cybersecurity investments, and transmission reforms to accommodate evolving energy resources. These efforts underscore FERC's commitment to maintaining a resilient and secure electric grid.
NERC's New INSM Regulation: Assessing Impact and Ambiguity
The recent draft release of NERC's new CIP Standard for Internal Network Security Monitoring (INSM) sparks a conversation filled with anticipation and skepticism. With directives from FERC Order 887 echoing in its language, the draft attempts to navigate through the challenges of creating a new regulation to address situations where vendors or individuals with authorized access are considered secure and trustworthy but could still introduce a cybersecurity risk.
Embracing the Cloud: A New Era for BES Operations
This insightful blog post delves into the critical aspects of cloud migration, offering a strategic roadmap for businesses. It emphasizes the importance of a well-thought-out plan, highlighting the need for compatibility assessment, data security, and cost management. The article also stresses the significance of choosing the right cloud provider and preparing the workforce through training and support. This guide is an essential resource for organizations seeking to navigate the complexities of transitioning to cloud computing, ensuring a seamless and successful migration.
Understanding NERC's CIP-004-7 and CIP-011-3: A Deep Dive into BCSI Access, Cloud Challenges, and Encryption
Stay ahead of the curve with a comprehensive overview of NERC's new Critical Infrastructure Protection (CIP) standards, CIP-004-7 and CIP-011-3, set to be effective from January 1st, 2024. Understand the pivotal changes concerning BES Cyber System Information (BCSI) access, the nuances of cloud BCSI, and the strategic choices around encryption.
Inverter-Based Resources - Guide to Potential NERC CIP Impacts of Upcoming Regulatory Changes
Upcoming NERC regulatory changes are expected to result in a significant increase in registrations of inverter-based resources, resulting in the likelihood of control centers to be categorized as North American Electrical Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Medium-Impact Control Centers and/or Low-Impact Control Centers and correspondingly to meet the relevant NERC CIP requirements.
The European Union's Upgraded NIS2 Cybersecurity Framework
The European Union, with its commitment to digital governance and cyber protection, has recently updated its foundational cybersecurity framework, repealing the previous Network and Information Systems Directive (“NIS”) with the NIS2 Directive. Take a dive into the notable changes, implications, and suggested actions for businesses that fall under its scope.
NERC Initiates Data Collection on INSM for Low Impact CIP Assets
NERC has initiated the Internal Network Security Monitoring (INSM) Data Request in response to a directive from FERC. This effort aims to gather data on the risks of not implementing INSM in medium and low impact BES Cyber Systems. NERC is collecting information from utilities in the electric power industry regarding facility numbers, network configurations, malicious code detection, implementation challenges, and alternative solutions. The data must be submitted by July 25, 2023.
New Low Impact NERC CIP-003-9 Regulations: Vendor Supply Chain Security
On March 16 2023, FERC issued a new Order approving NERC CIP-003-9 introducing new requirements for vendor electronic remote access security controls to low impact BES Cyber Systems. These new security controls are intended to allow detection and the ability to disable vendor remote access in the event of a known or suspected malicious communication.
New cybersecurity controls for vendor access to low impact NERC CIP assets
FERC has approved new cybersecurity standards to improve risk management practices and supply chain risk management for low impact assets. The new standards, designated CIP-003-9, require utilities to establish and maintain a documented supply chain cyber risk management plan and implement vendor-focused cybersecurity protections for their low impact BES Cyber Systems.
Securing Control Center communications is more than encryption
While encryption meets the security objective of CIP-012, entities can utilize additional security controls to provide a defense in depth approach and in some cases utilize controls other than encryption.
The new National Cybersecurity Strategy: what does it mean for you?
The White House issued its new National Cybersecurity Strategy on Thursday, laying out its plan for securing the country from cyberattacks. Patrick C. Miller answers questions about the strategy and how it could impact you.
A former vendor's take on CIP-013 Supply Chain Risk Management
David Foose, a former vendor, takes us on a brief walk through the history and the justifications Supply Chain Security and the birth of NERC CIP 13. With this, we explore what might have been and where it may have unfortunately veered off into constant contract negotiation entities find themselves today.
Alexa, can you tell me when my grid is hacked?
A new addition to the NERC CIP regulation is coming for the electric sector requiring anomaly detection and internal network security monitoring to detect active attacks on critical systems.
The importance of network segmentation for critical infrastructure
Network Segmentation - creating specialized, highly-protected network segments for critical systems - can provide necessary isolation and defense against ransomware and other attacks on critical infrastructure.
Internal network security monitoring for visibility
Internal Network Security Monitoring (INSM) - visibility into what’s happening on your internal OT/ICS networks - is showing up in important places like the National Security Memorandum, CISA guidance and FERC rulemaking notices.
There is a better way to do this: why critical infrastructure cybersecurity regulations are heading in the wrong direction
I helped write and establish the NERC CIP regulations. But now I want change. There is a way to save time, money and headaches while actually improving security for critical infrastructure.