NERC Critical Infrastructure Protection (CIP) Cyber Security Standards

Our expert security consultants review every element of your NERC-CIP compliance, including: policies, procedures, configuration management, certification and accreditation, remediation plans, and security awareness training.

Identifies gaps in your agency's security program and NERC-CIP reporting

Highlights

Service details

IBM Security Services helps clients adhere to the comprehensive reliability standards that the North American Electric Reliability Corporation (NERC) has defined for planning and operating the collective bulk power system. Among these are the Critical Infrastructure Protection (CIP) Cyber Security Standards, which are intended to ensure the protection of the Critical Cyber Assets that control or affect the reliability of North America's bulk electric systems.

| Standard | Summary | IBM Security Solutions |
| --- | --- | --- |
| CIP-002-1 Critical Cyber Asset Identification | All network assets must be audited to identify Critical Cyber Assets. A risk-based assessment methodology should be utilized with annual reviews. | |
| CIP-003-1 Security Management Controls | Policies with adherence monitoring and change control must be documented and in place. Change control policies and processes must be adhered to. Definitions and documentation on access control levels for critical assets such as Internet facing systems and critical backend solutions. Solutions should be in place to mitigate risks. | |
| CIP-004-1 Personnel and Training | Employees should be trained on policies, access controls and general awareness issues around Social Engineering. Background checks should be performed on all users with access to computer assets. | |
| CIP-005-1 Electronic Security Protection | An Electronic Security Perimeter should be established that provides the following: | |
| CIP-006-1 Physical Security Program | Physical Security controls should be documented and implemented that provide perimeter monitoring and logging along with robust access controls. All cyber assets used for Physical Security are considered Critical and should be treated as such. | |
| CIP-007-1 Systems Security Management | All methods, processes and procedures for securing Critical Assets and all technology solutions should be well-defined and include automated controls. System and network events should be monitored automatically with alerts sent to key personnel. An annual vulnerability assessment should be performed. | |
| CIP-008-1 Incident Response and Reporting | All cyber security incidents should be addressed by an internal computer incident response team (CIRT) and reported to the Electricity Sector Information Sharing and Analysis Center (ES ISAC). | |
| CIP-009-1 Disaster Recovery | A disaster recovery plan should be created and tested with annual drills. | |
