SUBNET can help transmission and distribution companies meet the NERC CIP-008 Incident Reporting and Response Planning standard. PowerSYSTEM Center
is a powerful software application that provides comprehensive reports relating to an incident. Reports can be customized by date, devices and users. Learn more about PowerSYSTEM Center
UNIFIED GRID INTELLIGENCE
Standard CIP-008 ensures the identification, classification, response, and reporting of Cyber Security Incidents related to Critical Cyber Assets. Standard CIP-008 should be read as part of a group of standards numbered Standards CIP-002 through CIP-009.
Cyber Security Incident Response Plan — The Responsible Entity shall develop and maintain a Cyber Security Incident response plan and implement the plan in response to Cyber Security Incidents.The Cyber Security Incident response plan shall address, at a minimum, the following:
Procedures to characterize and classify events as reportable Cyber Security Incidents.
Process for reporting Cyber Security Incidents to the Electricity Sector Information Sharing and Analysis Center (ES-ISAC). The Responsible Entity must ensure that all reportable Cyber Security Incidents are reported to the ES-ISAC either directly or through an intermediary.
Process for updating the Cyber Security Incident response plan within thirty calendar days of any changes.
Process for ensuring that the Cyber Security Incident response plan is reviewed at least annually.
Process for ensuring the Cyber Security Incident response plan is tested at least annually. A test of the Cyber Security Incident response plan can range from a paper drill, to a full operational exercise, to the response to an actual incident. Testing the Cyber Security Incident response plan does not require removing a component or system from service during the test.
Response actions, including roles and responsibilities of Cyber Security Incident response teams, Cyber Security Incident handling procedures, and communication plans.
Cyber Security Incident Documentation — The Responsible Entity shall keep relevant documentation related to Cyber Security Incidents reportable per Requirement R1.1 for three calendar years.
Visit the NERC website for more details regarding Critical Infrastructure Protection Standards.
Learn more about how SUBNET can help you meet NERC CIP standards with PowerSYSTEM Center.
Visit the following links to learn more about NERC CIP standards and how SUBNET can help you to comply.