Today’s LiveWire Spotlight examines FERC Order 850, announcing the Commission’s approval of three Critical Infrastructure Protection (CIP) standards that close known reliability gaps associated with global supply chain management. FERC agrees the standards satisfy four key security objectives by significantly hardening BES Cyber Systems against attacks originating from a vendor’s website, manufacturing floor, product design group, and/or support teams
The CIP supply chain implementation plan calls for CIP-005-6, CIP-010-3, and CIP-013-1 to take effect eighteen months after the approval of the proper authority. This corresponds to a mandatory and enforceable date of July 1, 2020 in the U.S.