在此列表中
电力

FERC takes initial step to address internal network threats through cyber standards

能源 | Energy Transition

Platts全球一体化能源模型

能源 | 石油 | 电力 | 天然气 | 成品油 | 燃料油 | 核能 | 原油 | Shale Gas

俄罗斯对美原油出口凸显拜登在乌克兰谈判中面临的风险

金属 | 有色金属 | 钢材

英特尔计划2025年前在俄亥俄州建设两家芯片工厂

FERC takes initial step to address internal network threats through cyber standards

亮点

Could direct NERC to develop reliability standards

Requests comments on standards for low-impact systems

The Federal Energy Regulatory Commission voted unanimously Jan. 20 to solicit comments on a proposal to direct the North American Electric Reliability Corporation to develop new or modified cyber reliability standards for the bulk power system.

尚未注册?

接收每日电子邮件提醒、订阅用户通知并获得个性化体验。

立即注册

Once the commission receives comments on the draft notice of proposed rulemaking, it will determine whether to adjust the provisions of a final rule directing NERC to develop such reliability standards.

If FERC goes forward, NERC will be tasked with creating critical infrastructure protection reliability standards, requiring entities to monitor the internal security networks of their high- and medium-impact bulk electric system cyber systems, according to a FERC release (RM22-3).

"This is a subject that all of us are keenly aware of, and I appreciate the unanimity that we have around the concerns that are hopefully going to be addressed by this proceeding," Commissioner James Danly said during FERC's Jan. 20 monthly meeting.

The draft received bipartisan support from the commission, with members pointing to the importance of improved cyber security within the bulk power system.

Commissioner Allison Clements said cyberattacks pose an ongoing threat that will require the electric system to constantly work to catch up and keep up, adding that the NOPR is "certainly a good step in the right direction."

Clements and Commissioner Willie Phillips called on NERC to quickly take action, especially given the many steps included in developing such procedures.

"I hope that NERC will find a way to expedite the process so that the benefits and protections of internal network monitoring can be realized as soon as possible," Phillips said.

New standards

Current reliability standards focus on preventing hackers from accessing these systems at the network perimeter, FERC said. But the NOPR would focus on standards dedicated to internal network security monitoring, an area not addressed by existing standards.

This change aims to help improve communications inside the network, with early detection helping to limit a hacker's ability to take control of important equipment, FERC said. Faster detection can help facilitate more efficient mitigation and recovery from cyberattacks while also improving vulnerability assessments.

For example, the 2020 SolarWinds attack showed how a system perimeter breach can occur with a trusted vendor that then is able to infiltrate internally. There have been several other high-profile cyberattacks recently, including the Colonial Pipeline ransomware attack in May 2021 that forced the operator to shut down the oil pipeline for nearly a week, affecting millions of people along the East Coast.

Additionally, the draft NOPR requests comments on potentially using such standards for networks with low-impact bulk electric system cyber systems.

Comments on the draft NOPR are due 60 days after its publication in the Federal Register.