Today’s LiveWire Spotlight examines the initial draft of CIP-013-1, the NERC standard designed to limit the risk of cyber-attacks that may originate from some point in the electric system supply chain. CIP-013-1 introduces five new requirements – and several sub-requirements – addressing the planning, acquisition, deployment, and operations phases of the product life cycle.

The initial draft of CIP-013-1 Cyber Security Supply Chain Risk Management has been posted for a 45-day review period and concurrent ballot. Clients have until March 6, 2017 to provide comments back to the drafting team.