Automated NERC CIP Compliance
Security and Compliance for Power
Although NERC’s adoption of permanent reliability standards, CIP -002-1 through CIP-009-1, has brought increased awareness and attention to the need for industrial network security, many questions remain on compliance scope and satisfaction. Power companies must now ask, "Where do we stand?" and "What do we need to do to be compliant?"
To answer these questions properly requires a detailed review of existing processes, documentation and records. These questions need to be asked not only for control centers, but for substations, generation plants, switching stations, and other remote facilities. To even ask the right questions requires comprehensive knowledge of the CIP Standards, the technology and the industry itself.
Challenges
Your electronic security perimeter encompasses a wide scope of assets that need to be monitored. Manual reporting systems may seem cost effective; however they require constant effort to document and maintain compliance, and are prone to human error. Given the costs of labor and potential fines upwards of $1 Million, automating the compliance process significantly reduces these expenses while ensuring network security.
Our Solution
As a voting member of the Control Systems Security Work Group, we intimately understand NERC CIP compliance. Using this information and insight into industry requirements, we have developed the expertise to accurately assess your facility’s needs, develop a customized strategy, and deploy a sustainable solution that will ensure that any facility maintains its NERC CIP Compliance.