Project 2022-05 Modifications to CIP-008 Reporting Threshold

​​​Related Files

Status
An informal comment period for the Project 2022-05 Modifications to CIP-008 Reporting Threshold Standard Authorization Request (SAR) is open through 8 p.m. Eastern, Monday, December 5, 2022.

Additionally, nominations are being sought for SAR drafting team members though 8 p.m. Eastern, Monday, December 5, 2022.

 

Background
Reliability Standard CIP-008-6 became effective on January 1, 2021, in response to FERC Order No. 8481​ directing NERC to develop modifications to the Reliability Standards to require reporting of Cyber Security Incidents and attempt(s) to compromise a responsible entity's Electronic Security Perimeter (ESP) or associated Electronic Access Control or Monitoring Systems (EACMS).

Since the effective date of CIP-008-6, there has not been a material change from CIP-008-5 in the number of Reportable Cyber Security Incidents or Cyber Security Incidents that were determined to be an attempt to compromise an applicable system. This project will address gaps in CIP-008-6 permitting a subjective determination of attempt(s) to compromise. The Standard Drafting Team (SDT) will modify the Reliability Standards and associated definitions as necessary to provide a minimum expectation for thresholds to support the definition of attempt to compromise.


Standard(s) Affected: CIP-008


Purpose/Industry Need
In Q3 2021, the ERO Enterprise initiated a study to better understand how registered entities have implemented Reliability Standard CIP-008-6; specifically, how the registered entities have interpreted Reportable Cyber Security Incidents and defined attempt(s) to compromise. The study concluded that the current language of the Reliability Standard permits the use of subjective criteria to define attempt(s) to compromise, and most programs include a provision allowing a level of staff discretion. Reliability Standard CIP-008-6, or definitions, will be modified to provide a minimum expectation for thresholds defining attempt to compromise.



1 https://www.nerc.com/FilingsOrders/us/FERCOrdersRules/E-1_Order%20No.%20848.pdf


DraftActionsDatesResultsConsideration of Comments
Drafting Team Nominations


Supporting Materials

Unofficial Nomination Form (Word)



Nomination Period


Info​

Submit Nominations​​



11/02/2022 – 12/05/2022

Comment Period

Info​

Submit Comments​


11/02/2022 – 12/05/2022