Today’s LiveWire Spotlight looks at FERC’s Notice of Proposed Rulemaking to order a modification to CIP-008-5, the NERC standard governing cyber security incident reporting and response planning.  In it, the Commission calls for the reporting of cyber-attacks even if they caused no harm.  At present, only those that impair a reliability task must be reported.

FERC’s proposal to modify the cyber incident notification process outlined in CIP-008-5 is posted for a 60-day public review.  Clients have untilFebruary 26, 2018 to submit their comments regarding the Notice of Proposed Rulemaking.