August 2016 | by Richard Jones
As the big push behind NERC CIP v5/v6 comes to some form of “conclusion”, most U.S. utility executives are breathing a huge sigh of relief. Their efforts to make their high and medium impact facilities compliant are finally completing. However for some insiders, there is a concern that a state of compliance complacency is now manifesting in the U.S.
- The expectation is that billions of dollars in compliance spend should have realized “enough” improvements in security … for now
- Some larger utilities refute the need to spend any additional money on compliance motivated security improvements
As a result, the industry is moving slowly to meet the requirements for low impact facilities, systems, and assets and as a consequence may also be delaying other critical security initiatives. This will likely have undesired consequences.
Links to past articles, in-the-news postings and press releases can be found here.