hamburger-nav-icon
region-flag-icon
Search by Category
Audio
Acoustic Materials
Assistive Listening
Audio Controllers
DJ Equipment
Headphones, Headsets & Earsets
Language Interpretation
Listening Centers / Stations
Microphones
Public Address (PA), Paging & Background Music Systems
Radio Communications Systems
Sound Masking & Speech Privacy Systems
Soundfield Systems
Speakers
Tour Group Systems
Cameras
Camcorders
Camera Auxiliary Equipment
Camera Controls
Camera Lenses
Camera Power Supplies
Camera Supports
Cameras - Special Application
Cameras - Studio Video
Digital Cameras (Still)
Cases & Bags
Audio Equipment Cases
Protective Cases
Soft Equipment Bags
Video Equipment Cases
Computers & Software
AV Software
Computer Audio Hardware
Computer Auxiliary Equipment
Computer Components & Storage
Computer Video Hardware
Computers (Professional)
Conferencing
Audio Conferencing Equipment
Conferencing / Discussion Systems
Telephony & VoIP Systems
Video Conferencing Equipment
Content Management
Content Recording & Storage Systems
Digital & Streaming Media Distribution Equipment
Control
Control Panels & Interfaces
Control Systems
Displays
Displays & Monitors
Video Walls
Furniture
AV Furniture
AV Lifts
Consoles
Monopods & Tripods
Stands
Lighting & Studio
Camera Lighting & Flashes
Light Stands & Booms
Lighting Auxiliary Equipment
Lighting Cables
Lighting Cases & Covers
Lighting Control Systems
Lighting Fixtures
Lighting Power Supplies
On-Light Modifiers
Portable Lighting
Stage Equipment
Strobe Lighting
Studio & Posing Equipment
Tabletop Shooting
Mounts & Rigging
Mounts
Rigging
Networking & Cabling
Cables & Connectors
Ceiling, Floor, Table & Wall Boxes
Channel Strips, Boxes & Processors
Fans & Coolers
Fiber Optic Systems
Network Equipment
Plates & Panels
Racks
Power
Energy Monitoring & Management
Power Distribution
Power Supplies
Presentation
Annotation
Audience Response Systems
Document Cameras (Visualizers)
Environmental Controls
Markerboards & Easels
Projection Screens
Projectors & Accessories
Training Aids
Whiteboards
Production
Audio Production Equipment
Production Duplication
Production Recording Equipment
Video Production Equipment
Security & Safety
Access Control
Intercom & IFB Systems
Security / Life Safety Call & Paging
Security Systems
Surveillance Equipment
Signal Management
Meters & Monitoring Equipment
Radio Frequency (RF)
Signal Processing Systems
Signal Routing / Switching
Test & Measurement Equipment
Wireless Signal Processing
mobile-region-flag-icon AV-iQ
mobile-region-flag-icon AV-iQ Europe
mobile-region-flag-icon AV-iQ Australia
EnglishFrenchGermanItalianPortugueseSpanish
Search by Category
EnglishFrenchGermanItalianPortugueseSpanish
What Maintaining NERC CIP Compliance Really Means

Article posted on March 29, 2021

Doomsday scenarios and wide-scale blackouts are often depicted in the media and tossed around hypothetically. Yet, as many in the utilities and critical infrastructure industry know, there has been an ostensible rise of attempted cyberattacks in recent years on these complex systems and grids that entire cities, nations and economies rely on.

Enter the U.S. government’s creation of the North American Electric Reliability Corporation (NERC), a framework designed to strengthen cyber resilience at critical operation centers by putting in place regulations to protect the Bulk Electric System (BES) of North America. Born out of this initiative was the critical infrastructure protection (CIP) standard, which became a mandate for utilities seeking to protect their control centers to follow guidelines and devise specific network security protection measures.

Owners, operators and users on the bulk power system are required to comply with an ever-evolving list of security standards. So, when technology integrators are contracted to deploy solutions within these control centers, it’s imperative that they play a proactive role in maintaining NERC CIP compliance.

Understanding Critical Energy Infrastructure

Before even starting on the path of preparing and coordinating for NERC CIP, it’s just as vital for integrators to fully grasp how these companies operate and maintain the BES —particularly if you’re planning on contributing to the greater control room design and configuration. The majority of these entities monitor the power grid and dispatch when a problem is diagnosed within their perimeter. But, the different system processes, software and platforms can take on a variety of arrangements when it comes to day-to-day monitoring, forecasting and control; some are on a smart-grid and highly centralized, while others may rely on interfaces that are more fragmented. 

Whether it’s energy management, outage management, customer and delivery tracking, synchrophasor measurements, system model validation, wide-area visualization or numerous others, it’s mission-critical to ensure that all connected components and applications of the control room function both securely and precisely as grid operators need them to. 

Elements of NERC CIP

On its surface, the fundamentals of NERC CIP are straightforward:

  • Identify and monitor critical assets
  • Train users and prepare management
  • Perform risk assessments
  • Establish an electronic security perimeter
  • Enforce physical security protocols
  • Restrict access to devices
  • Stay abreast of the latest cybersecurity practices

It all really boils down to physical and network security measures—or the people and the technology. As mentioned, under NERC CIP, utility companies operating on the BES are required to identify and categorize critical assets in the control room. Why? To regularly perform a risk analysis of those assets, implement cyber-monitoring tools and reduce network vulnerabilities in general. Makes sense, but the policies for governing modifications and access to those assets change frequently and can be complicated to comply with. 

The purpose of CIP deals with laying the groundwork so that operation centers are prepared to deal with potential threats and keep the national and regional critical infrastructure as secure as possible. But, is the onus of keeping up with new policy amendments and ensuring compliance solely on the utility companies? 

Working Together

The short answer is no. The longer answer? Still no, and in fact, the longevity of control room systems depends on technology integrators having full comprehension of NERC CIP standards.

From the supply chain to system testing to installation and configuration, technology providers have to be vetted by end-users to make sure that they are compliant with all CIP requirements. Therefore, control room integrators must be willing to go through the necessary training, pass evaluations and provide clear documentation that all personnel and equipment deemed as “critical assets” will be compliant and air-gapped when possible, whether that’s a video wall, large-format display, audio system, touch panel or processor. 

The value of that relationship goes further than simply following regulations; it’s a mutual understanding that NERC CIP compliance means something specific to their unique solution and their operation center design. Taking the time and effort to gain a deep knowledge of the technical and people-centered requirements—along with following security protocols employed to protect data—demonstrates that security and system integrity is a priority and not just a hoop to jump through.

Navigating the Future of Security & Control

The NERC CIP program was a direct response to the infamous Northeast black out of 2003. Research shows that since then, data and network protection measures continue to improve in tandem with the advancement of cyber threats. And as less people are needed in the control room with big data aggregation and artificial intelligence taking hold, it will only become more crucial to establish up-to-date cyber defenses and recognize what NERC CIP means to a utility’s control center. 

The Vistacom Control Room Solutions team likes to say that we speak CIP. We understand what it takes to securely integrate technology as operations become more and more agile, and we have the expertise to keep users in compliance. 

Get in touch with one of our control room specialists.


News

Request more information from a dealer near you