Today’s LiveWire Spotlight looks at the draft updates to a technical guideline developed by NERC’s Real-Time Operating Subcommittee in 2018 addressing the detection of cyber security breaches.  The new version leaves the central premise unchanged – i.e., operators are uniquely positioned to identify cyber-attacks on the control board or after hearing reports of odd equipment behavior in the field.  However, it reorganizes the content into three sections dealing with (1) recognizing attacks, (2) initial steps/internal alerting, and (3) response actions/external reporting.

NERC’s Draft Reliability Guideline – Cyber Intrusion Guide for System Operators Version 2 has been posted for a 45-day stakeholder review period.  Comments must be returned to Bill.Graham@nerc.net by February 5, 2022.