Today’s LiveWire Spotlight looks at FERC’s Notice of Proposed Rulemaking to order a modification to CIP-008-5, the NERC standard governing cyber security incident reporting and response planning. In it, the Commission calls for the reporting of cyber-attacks even if they caused no harm. At present, only those that impair a reliability task must be reported.
FERC’s proposal to modify the cyber incident notification process outlined in CIP-008-5 is posted for a 60-day public review. Clients have untilFebruary 26, 2018 to submit their comments regarding the Notice of Proposed Rulemaking.