The U.S. government has passed cybersecurity standards to protect the nation's electrical grid from a cyberattack, reports Business Week.
The Federal Energy Regulatory Commission (FERC) approved mandatory reliability standards for protecting physical and electronic access to control systems, training personnel on security matters, reporting incidents and recovery planning from a cyber incident.
The commission approved the rules proposed last July and also directed the North American Electric Reliability Corp., which oversees the grid, to strengthen certain technical and oversight provisions, including removing language that allowed varied implementation of standards based on "reasonable business judgment."
“Today we achieve a milestone by adopting the first mandatory and enforceable reliability standards that address cyber security concerns on the bulk power system in the United States,” FERC Chairman Joseph T. Kelliher said. “The electric industry now can move on to the implementation of the standards in conjunction with improvement of these standards in order to increase the security and reliability of the bulk power system.”
Cybersecurity standards for the nation's electrical grid was a pressing issue for FERC after government computer specialists caused a electric generator to self-destruct after hacking into a simulated power plant's control system last year.
The standards, according to FERC, address eight areas: critical cyber asset identification, security management controls, personnel and training, electronic security perimeters, physical security of critical cyber assets, systems security management, incident reporting and response planning, and recovery plans for critical cyber assets.