Critical Infrastructure Protection

Electricity Sector Threat Advisory Levels
Physical Significant Risk of Terrorist Attacks	Cyber Significant Risk of Terrorist Attacks

[ CIP Message System ]

Industry-Government Interface
NERC plays a major role in protecting the electric system by serving as the focal point for coordinating information exchange on critical infrastructure issues between the electricity industry and the federal government. Through NERC, government and industry work together to protect the electricity infrastructure from physical and cyber attacks. This coordination ensures that the industry is able to speak with one voice and take action in a consistent and effective manner.

The CIPC Executive Committee, along with the President and CEO of NERC, serve as the Electricity Sector Coordinating Council to collaborate with the U.S. Department of Energy and U.S. Department of Homeland Security on critical infrastructure and security matters. 

The U.S. Department of Energy designated NERC as the electricity sector coordinator for critical infrastructure protection. NERC serves as the Information Sharing and Analysis Center for the electricity sector. NERC also works closely with the U.S. Department of Homeland Security and Public Safety Canada to ensure that the critical infrastructure protection functions so vital to the industry are fully integrated and coordinated with the governments of the United States and Canada.

Electricity Sector Information Sharing and Analysis Center (ESISAC)
As the designated ESISAC, NERC gathers, disseminates and interprets security-related information between industry and the government and with all the sector entities. The ESISAC website posts advisories, alerts, warnings and the current threat alert levels for the Homeland Security Advisory System, DOE, the Nuclear Regulatory Commission, and the electricity sector.

Cyber Security Standards
NERC adopted Cyber Security Standards CIP-002-009 in 2006.  The standards establish the minimum requirements needed to ensure the security of electronic exchange of information needed to support the reliability and the bulk power system.  The multi-year implementation schedule establishes the milestones for compliance by the electric sector's owners and operators.

Security Guidelines for the Electricity Sector
NERC has created a compendium of best practices for protecting critical facilities against a spectrum of physical and cyber threats. The Security Guidelines for the Electricity Sector addresses topics including vulnerability and risk assessment, business continuity, physical and cyber security, and protecting sensitive information.

Critical Infrastructure Protection Committee (CIPC) 
CIPC guides NERC's security activities. CIPC brings together the operational experience and expertise of the NERC standing committees and the broad membership of the American Public Power Association, Canadian Electricity Association, Edison Electric Institute, Electric Power Supply Association, and the National Rural Electric Cooperative Association.