American Electric Reliability Council (NERC) has finalized its Critical
Infrastructure Protection (CIP) specifications, which require all major
utilities on the continent to meet a set of security standards or face
financial penalties. The first compliance deadlines are set for the
second quarter of 2009.
The new requirements, officially known as CIP 002-009, were
completed in May and quietly enacted last month. They will apply to any
company, large or small, that is part of the continent's bulk electric
power grid. Distributors will not be held to the new standard, but
suppliers and contractors to the major utilities may have to comply
with some aspects.
I am going to try to get my hands on this to get the details. Read the full article on Dark Reading.