Today’s LiveWire Spotlight looks at FERC’s denial of a complaint from a Mr. Mabee who asserted that CIP-013-1 inadequately protects the Bulk Power System from nation state attacks through the supply chain. The Commission sees no basis in the claim that the standard does not “comport with Presidential Executive Order 13,920” restricting the acquisition of equipment supplied by foreign adversaries, and that they have allowed the CIP standards to substantially deviate from NIST’s cutting edge cybersecurity framework.
FERC’s denial of the Mabee CIP-013-1 complaint is not a rejection of an impractical approach to BPS cybersecurity. To the contrary, the Commission was proceeding along the same lines anyways – and are expected to issue further supply chain directives shortly.