FERC proposes new rule to strengthen systems against cyberattacks
The Federal Regulatory Energy Commission (FERC) has released a proposal that would require internal network security monitoring (INSM) for high- and medium-impact bulk electric grid cyber systems.
The proposed rule is designed to strengthen FERC’s Critical Infrastructure Protection (CIP) Reliability Standards. It would direct the North American Electric Reliability Corporation to develop and submit new or modified Reliability Standards to address a gap in the current standards.
Under the current CIP reliability standards, network security monitoring is focused on defending the electronic security perimeter of networks. However, this new proposed rule looks to address concerns that the existing standards do not address potential vulnerabilities of the internal network to cyber threats.
INSM addresses situations where vendors or individuals with authorized access that are considered trustworthy might introduce a cybersecurity risk. For example, the SolarWinds attack in 2020 showed how an attacker can bypass security controls used to identify and thwart attacks by leveraging a trusted vendor to compromise the networks of public and private organizations.
Incorporating INSM requirements into the CIP Reliability Standards would help utilities maintain visibility over communications in their protected networks. This, in turn, can help detect an attacker’s presence and movements and give the utility time to take action before it’s too late. INSM also helps to improve vulnerability assessments and can speed recovery from an attack.
FERC is seeking comment on all aspects of the proposed directive to develop and submit new or modified Reliability Standards. Comments are due 60 days after publication in the Federal Register.
