Articles and Books

NERC/CIP Cyber Security: Leveraging Existing Controls to Secure the Enterprise

Categorized Under: Energy, Homeland Security, Program Management + IT Management



Published in the February 28, 2008, issue of Energy Central's EnergyPulse, by Kevin T. McDonald, Senior NERC Cyber Security Analyst at ICF International. The electric utility industry is facing the daunting task of compliance with the rigorous North American Electric Reliability Corporation (NERC) critical infrastructure protection (CIP) physical and electronic security standards. Formulated to mitigate the threat of damage or disruption to the U.S. and Canadian Power Grid, these standards were formally adopted by the Federal Energy Regulatory Commission (FERC) in early 2008 and are now mandatory. This article demonstrates methods to reduce the impact of compliance by identifying and incorporating existing controls into the NERC CIP Framework.

Related Market + Service Offerings

Authored By

  • Kevin McDonald

    Senior Analyst and Cloud StrategistICF International

    Kevin T. McDonald, a cloud strategist for ICF International based in Washington, DC, is the author of Above the Clouds: Managing Risk in the World of Cloud Computing. He is an affiliate member of the government Smartcard Interagency Advisory Board, Tech America Cloud Computing Committee, the IAC-ACT Cloud Computing in Government committee, the Cloud Security Alliance, and the PMIWDC International C2C representative to PMI UK and PMI Italy.

    He is widely published on issues ranging from green technology and cloud computing to cyber security and risk management. He is pursuing graduate studies in Technology Management at Georgetown University.

Insight Details

Published: Feb 28, 2008
Source: Energy Pulse

© Copyright 1992–2014 ICF International, Inc. All Rights Reserved.