NERC gets some teeth
For a long time now, the electric utility industry has been trying to draw up a set of cybersecurity standards so that there is at least some minimum that power generators have to adhere to. The requirements went into effect last month, according to this article. They are called CIP 002-009, for the Critical Infrastructure Protection (CIP) specs. There are supposedly financial penalties for non-compliance, and I imagine that between NERC and FERC, they have the power to enforce this. The bad news is that the first compliance deadlines are not until 2009.
Under the regulations, power companies will have to have basics like anti-virus, patch management, IDS and yearly vulnerability assessments. When you realize that some of the plants are nuclear power plants, you might think they should have to do more. But at least this is a start.


