FERC Proposes to Require Expanded Cyber Security Incident Reporting
The Federal Energy Regulatory Commission (“FERC”) recently proposed that the North American Electric Reliability Corporation (“NERC”), which is responsible for promulgating and enforcing FERC-approved mandatory electric reliability standards, revise its Critical Infrastructure Protection (“CIP”) standards to require additional circumstances under which reporting of cybersecurity incidents is mandatory. FERC’s goal is to enhance the awareness of existing or developing threats, including incidents that might enable future harm to the nation’s bulk electric system.
NERC’s current CIP…