Collaborate Disseminate
The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) Standards are a cybersecurity compliance framework designed to protect utility organizations. Adhering to these guidelines is essential—falling short will… Continue reading 4 Steps for Assessing Your NERC CIP Compliance Program
As organizations grappled with NERC CIP version 5, Tripwire learned along the way. In this series, I’ll cover the aspect of CIP that has come up the most in the last year: how to meet the software monitoring requirements. Software Inventory as a … Continue reading Software Monitoring for NERC CIP Compliance: Part 1
In Part 1 of this series, I walked through the background of the NERC CIP v5 controls and outlined what needs to be monitored for NERC CIP software requirements. In this final part of the series, we will take what we have learned and explore approaches for meeting the requirements, while considering security value. NERC CIP […]… Read More
The post Software Monitoring for NERC CIP – What, Why and How – Part 2 appeared first on The State of Security.
Continue reading Software Monitoring for NERC CIP – What, Why and How – Part 2
The momentous NERC CIP v5 deadline of July 1 is now behind us. Considerable work has been done by all NERC registered entities, but there is still considerable work ahead. Some entities are still working on implementing or automating required controls. On top of that effort, the time bound process requirements (e.g. review X every Y […]… Read More
The post Software Monitoring for NERC CIP: What, Why and How – Part 1 appeared first on The State of Security.
Continue reading Software Monitoring for NERC CIP: What, Why and How – Part 1