NERC CIP Gap Analysis and Risk Assessment

The North American Electric Reliability Corporation (NERC) first issued the Critical Infrastructure Protection (CIP) Cyber Security Standards to safeguard electrical systems in 2003. In 2006, the Federal Energy Regulatory Commission (FERC) approved the Security and Reliability standards proposed by NERC, making the CIP Cyber Security Standards mandatory and enforceable across all users, owners and operators of the bulk-power system. Failure to take the necessary security precautions exposes your electric cooperative to greater risks, including an increased likelihood of disruption of service and regulatory fines.

True has worked with multiple service providers across the country, performing risk assessments and providing security-related consulting services that improve power grid security and enable cooperatives to adhere to NERC CIP regulatory requirements.

True’s Cyber Vulnerability Assessment will look at your security holistically to identify what you are currently doing to protect your network access points and cyber assets, assess its effectiveness against industry standards, inform you of your current risk, and give you customized priorities for moving toward an improved security posture.

Our assessment will get you on track to meeting your CIP-005 and 007 Cyber Vulnerability Assessment compliance requirements, while opening your eyes to existing security weaknesses. Our analysts organize your vulnerabilities by class and assign a prioritized risk rating so that after the assessment is complete, you have clear direction which security vulnerabilities should be addressed first in order to achieve an optimal security posture that helps protect your power grid from attack.