Sep 7, 2017
Almost all discussion around the NERC CIP cybersecurity standards for the electric sector focus on compliance. What do the standards require? How will I be audited? What happens if I fail the audit? Lost in this discussion is the underlying purpose of the standards was to reduce the risk of a cyber incident causing a significant impact to the ability to generate and deliver electricity.
So I decided to interview Patrick Miller of the Archer Security Group about how NERC CIP has affected the security of electric generation and transmission in the US. Patrick has experience as an asset owner, auditor, Energysec President and now leading a team of consultants that provide NERC CIP services. After a quick question on the size and expected growth of the CIP security services market we focused on security. Some of the areas discussed include:
As always I appreciate any feedback as well as suggestions and topics for future episodes. Send this to firstname.lastname@example.org.