StatusThe comment and nomination period for the Project 2022-05 Modifications to CIP-008 Reporting Threshold Standard Authorization Request (SAR) concluded at 8 p.m. Eastern, Monday, December 5, 2022.
BackgroundReliability Standard CIP-008-6 became effective on January 1, 2021, in response to FERC Order No. 8481 directing NERC to develop modifications to the Reliability Standards to require reporting of Cyber Security Incidents and attempt(s) to compromise a responsible entity's Electronic Security Perimeter (ESP) or associated Electronic Access Control or Monitoring Systems (EACMS).
Since the effective date of CIP-008-6, there has not been a material change from CIP-008-5 in the number of Reportable Cyber Security Incidents or Cyber Security Incidents that were determined to be an attempt to compromise an applicable system. This project will address gaps in CIP-008-6 permitting a subjective determination of attempt(s) to compromise. The Standard Drafting Team (SDT) will modify the Reliability Standards and associated definitions as necessary to provide a minimum expectation for thresholds to support the definition of attempt to compromise.
Standard(s) Affected: CIP-008
Purpose/Industry NeedIn Q3 2021, the ERO Enterprise initiated a study to better understand how registered entities have implemented Reliability Standard CIP-008-6; specifically, how the registered entities have interpreted Reportable Cyber Security Incidents and defined attempt(s) to compromise. The study concluded that the current language of the Reliability Standard permits the use of subjective criteria to define attempt(s) to compromise, and most programs include a provision allowing a level of staff discretion. The resulting white paper concluded that2 Reliability Standard CIP-008-6, or definitions, will be modified to provide a minimum expectation for thresholds defining attempt to compromise.
this project's observer mailing list
Select "NERC Email Distribution Lists" from
drop-down menu and specify “Project 2022-05 Modifications to CIP-008 Reporting Threshold Observer List” in the Description Box.
2 CIP-008-6 Effectiveness Study Summary (nerc.com)
Supporting MaterialsUnofficial Nomination Form (Word)
Standard Authorization RequestSupporting MaterialsUnofficial Comment Form (Word)
home | account log-in/register | legal and privacy/trademark policy | site map | careers | contact us
Atlanta Office | 3353 Peachtree Road, NE Suite 600 North Tower, Atlanta, GA 30326 | 404-446-2560 Washington Office | 1401 H Street NW, Suite 410, Washington, DC 20005| 202-400-3000
Group Health Plan Transparency in Coverage Files*
*This link leads to the machine-readable files that are made available in response to the federal Transparency in Coverage Rule and includes negotiated service rates and out-of-network allowed amounts between health plans and healthcare providers. The machine-readable files are formatted to allow researchers, regulators, and application developers to more easily access and analyze data.