FERC

FERC Finalizes New Internal Network Security Monitoring Requirements for Bulk Electric Systems

By Ashden Fein, Caleb Skeath, John Webster Leslie, Shayan Karbassi & Krissy Chapman on July 8, 2025

Posted in Critical Infrastructure, Cybersecurity

The U.S. Federal Energy Regulatory Commission (“FERC”) recently issued Order No. 907 (the “Order”), approving a new Critical Infrastructure Protection (“CIP”) Reliability Standard, CIP-015-1. The new standard will require covered entities that maintain certain bulk electric systems (“BES”) to implement Internal Network Security Monitoring (“INSM”) for network traffic within their “electronic security perimeter,” i.e., the logical border surrounding the network of interconnected devices that comprise a BES Cyber System. However, as discussed below, these requirements will not go into effect for approximately three years, and many covered entities will have an additional two years before they are required to comply.Continue Reading FERC Finalizes New Internal Network Security Monitoring Requirements for Bulk Electric Systems

FERC Orders Development of New Internal Network Security Monitoring Standards

By Ashden Fein, Caleb Skeath, Shayan Karbassi & John Webster Leslie on January 26, 2023

Posted in Cybersecurity, Data Security, Privacy and Data Security

The Federal Energy Regulatory Commission (“FERC”) issued a final rule (Order No. 887) directing the North American Electric Reliability Corporation (“NERC”) to develop new or modified Reliability Standards that require internal network security monitoring (“INSM”) within Critical Infrastructure Protection (“CIP”) networked environments. This Order may be of interest to entities that develop, implement, or maintain hardware or software for operational technologies associated with bulk electric systems (“BES”).Continue Reading FERC Orders Development of New Internal Network Security Monitoring Standards

FERC Requests Comments on Grid Cybersecurity Initiatives

By Inside Privacy on July 1, 2020

Posted in Cybersecurity

In a new post on the Covington Energy & Environment Blog, our colleagues discuss the Federal Energy Regulatory Commission’s Notice of Inquiry on updating reliability standards related to cybersecurity, especially given the threat of a coordinated cyberattack targeting geographically distributed generation resources. The Commission also issued a staff paper that…
Continue Reading FERC Requests Comments on Grid Cybersecurity Initiatives

FERC Approves New Cybersecurity Standards for Supply Chain Risk Management

By Caleb Skeath on October 26, 2018

Posted in Cybersecurity, Internet of Things (IoT)

The Federal Energy Regulatory Commission (“FERC”) released a final rule approving three new Critical Infrastructure Protection (“CIP”) standards which address supply chain risk management for bulk electric systems (“BES”) operations. The new standards were developed by the North American Electric Reliability Corporation (“NERC”) in response to FERC Order No. 829, which directed NERC to create new CIP standards to address risks associated with the supply chain for grid-related cyber systems. The final rule will take effect sixty days after it is published in the Federal Register. The new standards must be implemented in eighteen months. More details regarding the new CIP standards, which may be of interest to entities that develop, implement, or maintain hardware or software for industrial control systems associated with bulk electric systems (“BES”), are provided below.
Continue Reading FERC Approves New Cybersecurity Standards for Supply Chain Risk Management