US needs better ways to ID grid-related cyber-security threats: FERC

The US needs more consistent and up-to-date ways to identify “cyber assets” that could be vulnerable to attacks on the nation’s energy grid, according to the Federal Energy Regulatory Commission (FERC).

The agency has recommended the the electric industry and the North American Electric Reliability Corp. (NERC) revise current standards to ensure a more comprehensive approach toward protecting the grid from cyber-security breaches. FERC is proposing revisions to eight critical infrastructure protection reliability standards, including a new method of identifying cyber assets.

NERC is the electric reliability organization certified by FERC. It is responsible for developing and enforcing mandatory reliability standards.

The new cyber asset identification standard proposed by FERC would replace the existing risk-based assessment methodology with 17 uniform, “bright line” criteria. The new criteria are aimed at making the process more consistent and clear by limiting discretion in the identification of grid-critical cyber assets.