The Critical Infrastructure Protection Committee (CIPC) was formed to help the North American Electric Reliability Corporation (NERC) advance the physical and cyber security of the critical electricity infrastructure of North America. The committee consists of both NERC–appointed regional representatives and technical subject matter experts. CIPC coordinates NERC’s security initiatives and serves as an expert advisory panel to the NERC Board of Trustees, standing committees in the areas of physical and cyber security, and the Electricity Sector Information Sharing and Analysis Center (ES-ISAC). CIPC is responsible for:
• Coordinating and communicating with organizations responsible for physical and cyber security in all electric industry segments, as well as other critical infrastructure sectors as appropriate;
• Liaising with governments on critical infrastructure protection (CIP) matters;
• Coordinating with the other NERC committees and working groups to assure the highest degree of collaboration possible;
• Establishing and maintaining an information reporting procedure for CIP among industry segments and with governments, as appropriate;
• Developing, periodically reviewing, and revising (as appropriate) security guidelines;
• Assisting in the development and implementation of NERC standards; and
• Conducting forums and workshops related to the scope of CIPC.
CIPC plays an active role in CIP standards development. CIPC works closely with NERC operating and planning committees to identify needs for new or revised CIP standards and initiating standards actions by submitting standards authorization requests. The committee also reviews draft CIP standards authorization requests and standards, and provides comments. CIPC provides expert resources in technical subject matter to support the development of CIP standards and serves as a forum for education, sharing of views, and informed debate of CIP standards. CIPC captures the knowledge discovered in this forum to develop reference documents that inform the Electricity Sub-sector about CIP standards and facilitate their implementation. Additionally, CIPC shares knowledge by conducting workshops related to CIP standards and their development.
Impact on the Electricity Sub-Sector
CIPC educates the Electricity Sub-sector to maintain physical and cyber infrastructure security by:
• Protecting - to include physical security, cyber security, emergency preparedness and response, business continuity planning, and recovery from a catastrophic event, with emphasis on deterring, preventing, limiting, and recovering from terrorist attacks;
• Deterring - to dissuade an entity from attempting an attack;
• Preventing - to cause an attempted attack to fail;
• Limiting - to constrain consequences of an attack in time and scope; and
• Recovering - to return to normalcy quickly and without unacceptable consequences in the interim.
CIPC’s membership of regional representatives and subject matter experts work to ensure that CIP functions vital to the industry are fully integrated and coordinated with the governments of the United States and Canada.