No enterprise is completely immune to cyber-attacks or breaches, but a proactive, all-encompassing strategy can eliminate many of these threats.
Today, many Electrical Utilities and Cooperatives do not have the layered security controls in place to defend against or identify an attack in a timely fashion.InfoSight’s CIP Gap Analysis addresses the “Required Entities” and requirements that fall under the NERC – CIP. This Gap Analysis identifies gaps in security systems and processes and assists organizations in attaining total NERC – CIP Compliance. Our information security assessors will work closely with your organization’s information assurance, management and technical teams to strengthen the overall compliance posture of the organization.
Our Gap Analysis can also be expanded to provide recommendations to adequately address risks with a “Remediation Roadmap”.
The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC – CIP) consists of 45 requirements and 9 standards that are designed to secure assets for operating in North America’s bulk electric system. If you are a Required Entity operating a Bulk Electric System (BES), you fall under CIP Compliance Requirements, meaning you must have an appropriate plan of action in place to ensure the security of all assets. BES Cyber Assets must be classified as High, Medium or Low Impact and meet all CIP Regulatory compliance and regulations. It is the responsibility of the Required Entity to safeguard BES Cyber Assets and prevent an attack that can do irreparable damage and lead to severe consequences, which are subject to penalties under federal law.