FERC Issues Internal Network Security Monitoring NOPR
Electric Reliability Law Blog
On January 20, 2022, in Docket No. RM22-3-000, FERC issued a Notice of Proposed Rulemaking (NOPR) proposing to direct NERC to develop Reliability Standards that require internal network security monitoring within a trusted critical infrastructure protection (CIP) networked environment (internal network security monitoring or INSM) for high and medium impact Bulk Electric System Cyber Systems. The NOPR notes that currently effective CIP Reliability Standards offer a “broad set” of cybersecurity protections, but they do not address INSM, which creates a “gap” in the CIP Reliability Standards. The NOPR states that including INSM requirements would ensure that responsible entities maintain visibility over communications between networked devices within a trust zone (i.e., within an electronic security perimeter (ESP)), not simply monitor communications at the network perimeter access point(s), i.e., at the boundary of an ESP as required by the current CIP requirements. In the event of a compromised ESP, improving visibility within a network would increase the probability of early detection of malicious activities and would allow for quicker mitigation and recovery from an attack. The Commission requests comments on the NOPR within 60 days.