FERC Requires Expanded Cyber Security Incident Reporting

The Federal Energy Regulatory Commission (FERC) today directed the North American Electric Reliability Corp. (NERC) to develop, within six-months of the effective date of this final rule, modifications to the Critical Infrastructure Protection Reliability Standards to improve mandatory reporting of cyber security incidents, including attempts that might facilitate subsequent efforts to harm reliable operation of the nation’s bulk electric system.

Under the current Critical Infrastructure Protection Reliability Standard CIP-008-5 (Cyber Security – Incident Reporting and Response Planning), incidents must be reported only if they have compromised or disrupted one or more reliability tasks.

“Cyber threats to the bulk power system are ever changing, and they are a matter that commands constant vigilance,” FERC Chairman Kevin J. McIntyre said. “Industry must be alert to developing and emerging threats, and a modified standard will improve awareness of existing and future cyber security threats.”

Today’s final rule directs NERC to modify the Standard to expand the current reporting requirement, including:

    • Responsible entities must report cyber security incidents that compromise, or attempt to compromise, a responsible entity’s Electronic Security Perimeter (ESP) or associated Electronic Access Control or Monitoring Systems (EACMS);


    • Cyber security incident reports should be standardized to improve the quality of reporting and allow for ease of comparison across reports, analysis, and trending;


  • Cyber security incident reports would be sent to those organizations best equipped to assess threats and communicate them to industry. Specifically, reports will continue to be sent to the Electricity Information Sharing and Analysis Center (E-ISAC); the reports would also be sent to the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). NERC would file an annual, public and anonymized summary of the reports with the Commission.


The Commission directed NERC to consider the threat level when developing reporting thresholds and timelines. Specifically the Commission directed NERC to consider the function of the EACMS and the nature of the attempted compromise or successful intrusion when developing the reporting thresholds so that only cyber security incidents meeting a certain threat level would have to be reported.

NERC also must develop reporting timelines that correspond to the adverse or attempted adverse impact to the grid that loss, compromise or misuse of the bulk electric system cyber assets could have on reliable operation. Prioritizing incident reporting will allow responsible entities to devote resources to reporting the most significant cyber security incidents faster than less significant events.

The Final Rule takes effect 60 days after publication in the Federal Register.

The Southern Maryland Chronicle is a local, small business entrusted to provide factual, unbiased reporting to the Southern Maryland Community. While we look to local businesses for advertising, we hope to keep that cost as low as possible in order to attract even the smallest of local businesses and help them get out to the public. We must also be able to pay employees(part-time and full-time), along with equipment, and website related things. We never want to make the Chronicle a “pay-wall” style news site.

To that end, we are looking to the community to offer donations. Whether it’s a one-time donation or you set up a reoccurring monthly donation. It is all appreciated. All donations at this time will be going to furthering the Chronicle through hiring individuals that have the same goals of providing fair, and unbiased news to the community. For now, donations will be going to a business PayPal account I have set-up for the Southern Maryland Chronicle, KDC Designs. All business transactions currently occur within this PayPal account. If you have any questions regarding this you can email me at davidhiggins@southernmarylandchronicle.com

Thank you for all of your support and I hope to continue bringing Southern Maryland the best news possible for a very long time. — David M. Higgins II

© 2019 The Southern Maryland Chronicle. All Rights Reserved. This website is not intended for users located within the European Economic Area.