Recent high-profile incidents at utilities, including a cyber event at a water plant in Kansas last week, have drawn attention to the vulnerabilities in the supply chain of cybersecurity systems. In response to these incidents, the US Federal Energy Regulatory Commission (FERC) has called for updated standards to enhance the resilience of the US bulk power system.
During its September meeting, FERC requested that the North American Electric Reliability Corporation (NERC) develop a more robust supply chain security standard specifically tailored for power plants. This standard would require utilities to identify supply chain risks related to cybersecurity systems for the electrical grid, assess and validate information provided by vendors during procurement, and document, track, and respond to these risks on a regular basis. Additionally, FERC directed NERC to include protected cyber assets (PCAs) within the scope of supply chain scrutiny to fortify the security of critical infrastructure.
In addition to addressing supply chain safety, FERC also focused on internal network security monitoring (INSM) at the same meeting. This monitoring involves the tracking of network traffic within an electronic security perimeter to detect any suspicious activity that may evade traditional security measures. By monitoring communication within the “trust zone” of a network, INSM provides an early warning system for potential intrusions and offers a comprehensive view of the extent of a cyber attack.
FERC’s proposal to approve the Reliability Standard CIP-015-1, which mandates INSM within electronic security perimeters, highlights the commission’s commitment to enhancing cybersecurity measures for critical infrastructure. However, FERC has requested NERC to expand the scope of INSM to include systems outside of electronic security perimeters, such as physical and electronic access control systems. This broader implementation of INSM aims to strengthen overall network security and bolster defenses against potential cyber threats.
Overall, the recent discussions at FERC underscore the growing emphasis on supply chain security and internal network monitoring in safeguarding the US bulk power system against cyber attacks. By updating standards and expanding monitoring capabilities, regulatory bodies and industry stakeholders are taking proactive steps to mitigate the risks associated with cybersecurity vulnerabilities and ensure the resilience of critical infrastructure in the face of evolving threats.