Today’s LiveWire Spotlight looks at the updated versions of two Critical Infrastructure Protection standards (CIP-004-7 and CIP-011-3) intended to allow alternative protective strategies that secure access to BES Cyber System Information (BCSI). The modifications account for third-party information storage services that are not specifically permitted in the in-effect standards.
CIP-004-7 and CIP-011-3 Draft 2 have been posted for a 45-day review and concurrent ballot. Industry stakeholder comments are due back to the project team by September 21, 2020 and votes must be cast on or before the same day.