(power-eng.com) Cybersecurity is a top concern for utilities and power companies - the Ukraine grid cyberattack late last year was a wake-up call to take the matter seriously. With the number of devices and connection points to the grid increasing every day, the chance for a breach is much higher than ever before, and so are the stakes.
Laptops and removable storage media such as USB thumb drives are among the weakest links in grid security, since both can bring malicious software into protected substation environments. Regulators have taken notice: the North American Electric Reliability Corporation (NERC) has developed new critical infrastructure protection (CIP) requirements for transient cyber assets and removable media that are designed to prevent these kinds of breaches.
Starting in April 2017, anyone who works on a utility or power company’s medium or high impact system, including contractors, needs to comply with the standards and use locked-down devices to prevent unauthorized access points to the network. Companies need to take steps now in order to avoid serious regulatory and financial consequences. Violations may result in penalties of up to $1 million per day per incident.
Read Full Article: http://www.power-eng.com/articles/np...uirements.html