CIP-013 Is Just the Beginning: Utility Regulations Demand Robust Third-Party Risk Management

Provided by Bitsight Technologies

Category Security

Type White Paper

Publish Date July 17 2019


Evolving Cybersecurity Concerns in the Utilities Sector

Cyber attacks have the potential to create significant physical consequences for utilities, especially as critical infrastructure operations become more integrated. 

Globally interconnected, remotely accessible third-party connections provide cyber attackers with increased access to supply chain targets, and the utilities sector is largely unprepared for the associated cybersecurity challenges.

The Federal Energy Regulatory Commission (FERC) has implemented a new regulatory requirement, NERC CIP-013-1, which places increased responsibility on utilities to evaluate the cybersecurity of their third-party vendors and partners. While important, this regulation is just the beginning of a new reality for utilities.

Download the white paper to learn more about the current utility industry cybersecurity climate and the steps utilities can take to limit their supply chain risk.


Do you think your smartphone is making you a workaholic?