NERC CIP: Continuous Implementation Project or Change Induced Panic?

For electric utilities in the United States and Canada, the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) reliability standards provide baseline security requirements for power systems and their interconnected facilities and equipment. While there are technical and organizational challenges with ongoing compliance, many utilities have matured their security programs as a result of these requirements and improved their security posture. Changes however are coming.

Join Tim Conway, Technical Director – ICS and SCADA programs at SANS, and Jason D. Christopher, Principal Cyber Risk Advisor at Dragos, for a technical and compliance-driven discussion about evolving topics including:

• New reporting requirements for security incidents
• Considerations for virtualization
• Changes to control center communications