Energy and power utility companies are under constant pressure to effectively manage various physical and cyber security risks that can potentially impact the country’s power infrastructure. Adding to the complexity and broad array of cybersecurity regulatory requirements are the Critical Infrastructure Protection (CIP) Standards, which are enforced by the North American Electric Reliability Corporation (NERC) in order to protect the electric utilities operating bulk power system. Currently, nine CIP standards of reliability have been defined, spanning cyber asset identification, security management controls, personnel & training, electronic security perimeter(s), physical security, systems security management, incident reporting and response, and recovery plans for critical cyber assets, all of which ensure the continued reliability of power generation. Adding further to an already complex Energy and Utility regulatory landscape is the NIST (National Institute of Standards and Technology) cybersecurity framework, which affects many entities in the electric power industry.

Complying with these evolving standards can be daunting, and keeping pace with new trends and emerging risks is difficult to achieve. Other challenges facing the industry include constrained budgets, limited skill resources, antiquated technology, and ineffective manual processes.

With the stakes and penalties (up to US $1 million per violation) very high, companies must build a sustainable and unified compliance framework. This framework should align the activities of various departments in order to eliminate functional silos and fragmented manual policies, as well as inadequate policies and workflows. Only then can organizations easily adapt to changes, establish adequate processes and controls, and create a culture of compliance.

Join Dr. Brenda Boultwood, SVP of Industry Solutions at MetricStream, Leland McMillan, Manager of NERC Compliance at PPL Montana, and Patrick Miller, Managing Principal at The Anfield Group during this webinar as they discuss best practices while implementing NERC CIP and other security controls, and the role of comprehensive compliance management solutions.

Key points that will be highlighted included:

  • The increasing importance of the Federal Energy Regulatory Commission (FERC) policy
  • Identification and mitigation of potential compliance risks
  • Strategies to design and implement efficient NERC CIP and other security compliance programs

Attend this webinar:
This webinar is scheduled to take place on Tuesday, August 6, 2013 at 8:00 am Pacific Time. To register for this webinar, and to learn more about the webinar and the speakers, please click here.

About MetricStream

MetricStream is the independent market leader in enterprise cloud applications for governance, risk, compliance (GRC), and quality management. MetricStream apps and software solutions improve business performance by strengthening risk management, corporate governance, regulatory compliance, audit management, vendor governance, and quality management for organizations across industries, including banking and financial services, health care, life sciences, energy and utilities, consumer brands, government, technology, and manufacturing. MetricStream is headquartered in Palo Alto, California, with an operations and GRC innovation center in Bengaluru, India, and sales and operations support in 12 other cities globally.(

Press contact

[email protected]

Get a demo Download RFP Template Pricing Contact