What CIP 009?
Purpose: Standard CIP-009 ensures that recovery plan(s) are put in place for Critical Cyber Assets and that these plans follow established business continuity and disaster recovery techniques and practices.
How often does NERC CIP require your organization to test your recovery plan?
once every 15 calendar months
PACS Test each of the recovery plans referenced in Requirement R1 at least once every 15 calendar months: By recovering from an actual incident; • With a paper drill or tabletop exercise; or • With an operational exercise.
How often must the cyber security incident response plan be tested?
annual
Agencies entrusted with FTI must evaluate incident response capabilities on an annual basis, as required by IRS Publication 1075.
What CIP 13?
Introducing NERC CIP-013-1 The CIP-013-1 is an update to the Critical Infrastructure Protection (CIP) standard, which includes a set of regulatory requirements “to mitigate cyber security risks to the reliable operation of the Bulk Electric System (BES)”.
Who will comply with NERC CIP?
The NERC CIP standards require utility companies in North America to establish and adhere to a baseline set of cybersecurity measures. The goal is to ensure that appropriate security controls are in place to protect BES and its users and customers from all threats that may affect its timely and effective functioning.
How do you test a cyber incident response plan?
Best Practices for Testing Your Cyber Incident Response Plan
- Building an Incident Response Plan.
- Scan for Vulnerabilities.
- Download Our Cybersecurity Checklist.
- Conduct Cyber Fire Drills.
- Test Specific Scenarios.
- Triage Results.
- Closing Thoughts.
- Download Our Breach Response Checklist.
Who does CIP 013 apply to?
The CIP-013 standards become enforceable on July 1, 2020. NERC is authorized to penalize registered entities up to $1 million per day per outstanding violation of CIP-013. Between 2016 and 2018 multiple penalties were levied to as high a $2.8 million2 for a violator.