Today’s LiveWire Spotlight looks at the first of six draft NERC Security Guidelines dealing with with threats introduced through the supply chain.  This one offers advice to Entities looking to deploy airtight processes that verify that equipment shipped to them was not compromised during delivery.  The process starts when the (trusted) vendor hands off a securely packaged component to the carrier and ends at the point it is warehoused on premise awaiting installation.

The initial draft of the NERC Security Guideline on Supply Chain Secure Equipment Delivery has been posted for a 45-day industry stakeholder review.  Comments must be returned to tom.hofstetter@nerc.net by October 28, 2022 using the form provided by the RSTC.