Critical Infrastructure Protection (CIP) Reliability Standards are allowing suggestions to increase cyber security protection and you may be surprised at one suggestion…
The CIP Reliability Standards are the cyber security control centers used to monitor and control the bulk electric system in real-time. After recent concerns regarding the ability of a ransomware attack to take down the entire power grid, the CIP is accepting suggestions to strengthen their standards to avoid such catastrophe.
According to Electric Light and Power, the Federal Energy Regulatory Commission (FERC) is recommending for two adjustments in the CIP Reliability Standards. First, that there is a separation between the internet and the bulk cyber systems in control centers performing transmission operator functions. This would be done by replacing the internet connection with data lines that the transmission operators would be own. It is believed this would decrease the risk of malware infections due to the elimination of an internet connection, which is how most malware infiltrates the system.
Second, the FERC is suggesting application whitelisting to prevent unwanted and unsafe programs from executing. It is believed application whitelisting could be a more effective mitigation tool than others because of the whitelisting methodology. FERC made the following statement regarding their recommendation to implement application whitelisting:
“…by knowing all installed applications, the security professional can set the application whitelisting program to know the application is approved; all unapproved applications will activate an alert.”
Both of the FERC suggestions are not only valid risk mitigation tools, but most importantly take a proactive approach to cyber security. Preventative detection is critical, as remediation is useless against many of today’s modern threats, including ransomware.