Today’s LiveWire Spotlight looks at FERC Order 887, which directs NERC to develop new CIP cyber security requirements calling for the use of Internal Network Security Monitoring (INSM) systems at important BES sites. The Commission is looking to act on findings from the devastatingly-successful cyber-attacks on the SolarWinds’ Orion network monitoring platform and the Colonial Pipeline — both may have been deflected if early warnings of hostile compromise had been given.    

FERC Order 877 directs the industry-vetted CIP INSM requirements for high and medium impact BES Cyber Systems to be submitted by April 18, 2024.  NERC’s must deliver recommendations regarding all other BES Cyber Systems three months prior to that.