Home

NERC Cyber Security Compliance or How to Game the System

Oct. 3, 2007

From ISA Expo2007:

A panel session was held this morning (Tuesday October 2nd) on NERC Cyber Security Compliance. One of the speakers was Scott Mix from NERC. Scott explained what it meant to be NERC compliant. He mentioned that meeting NERC requirements was what determined compliance. He used the example that if you had a policy, even if it was the wrong policy, you would be compliant. He then discussed penalties. One of the factors in determining the level of fines was the threat to reliability. That is, the greater the threat, the greater the fine. This brought up the conundrum - you can be NERC compliant by having the wrong policy which makes the reliability threat high which can lead to significant penalties. Does anyone sense something wrong with this approach?????

NERC Cyber Security Compliance or How to Game the System

Continue Reading

Phillips 66 digitalizes SIS management

Why and how to establish installed valve flow characteristics

Latest from Home

Traditional skills, reliability support sustainability

Unlearned lessons from Stuxnet

Poll: Is sustainability still prominent in the industrial sector?

Most Read

Misunderstanding 4-20mA signal loops

The distributed control system turns 50

Can the Paris Agreement survive?