Today’s LiveWire Spotlight evaluates the third draft of CIP-012-2 — which continues NERC’s effort to enact FERC’s directive to correct a deficiency that could expose data transmitted between Control Centers to cyber-attacks. In short, FERC is looking for end-to-end data availability to include the link managed by the telecom carrier; meaning that CIP Entities could be held accountable for the actions of third parties if the mandatory language in the standard is imprecisely written. 

The third draft of CIP-012-2: Communications Between Control Centers and its supporting materials have been posted for a 45-day review and concurrent ballot.  Feedback is due back to the project team and all votes cast by November 16, 2022.