Home » Magazine Archives » May 2007
Security Technology Executive
Most Read
Most Emailed
E-mail Article
Print Article
Relevant Data
Why Critical Infrastructure Protection Should Mean Something to YouThe Latest from SIW
Security prepares for largest presidential inauguration The security week that was: 11/21/08 Sources: Napolitano likely to be named DHS secretary TSA's 'behavior detection' draws scrutiny in light of few arrests Survey: National security a bigger issue prior to economic crisis Eye on Video: Specialized intelligent video applications
When it comes to the national infrastructure, most leaders agree on one thing: There is nothing more important than reliable electric energy.
The electric energy sector has seen a significant increase in security regulation since the Sept. 11 attacks an increase that only escalated after the Northeast blackout of 2003. Recent federal legislation has changed the regulatory environment from voluntary compliance to mandatory compliance.
The North American Electric Reliability Corporation (NERC), the lead organization for the electric industry, has set voluntary industry standards for years. Now it has real teeth, in the form of federal compliance legislation and newly developed reliability standards. All of the NERC's standards can be found under the Standards link at www.nerc.com, including those that deal with security and critical infrastructure protection both physical and logical which are commonly referred to as the CIP standards.
The CIP standards apply to all key players in the electric industry: reliability coordinators, balancing authorities, transmission operators, generator operators and load-serving entities. It takes all five of these parties working in unison to provide highly reliable electric service across North America .
The CIP has nine security standards that businesses or organizations who participate in any of the five key areas must address: sabotage reporting; security management controls; personnel and training; electronic security perimeters; physical security of critical cyber assets; systems security management; incident reporting; response planning; and recovery plans for critical cyber assets.
The overriding emphasis is on the effective protection of information and control systems that perform critical, split-second functions. For businesses and organizations across the electric industry, reliability and security issues are critically important. Security leaders must effectively orchestrate security practices that meet the requirements of the CIP and that are also economically sound so businesses can effectively maintain the regulations' intent of enhancing overall system reliability. If you are in the electric industry, you are already seriously engaged in addressing these issues.
So, what about those of you who are not in the electric industry? What does it mean to you?
