Welcome to the new Energy Central — same great community, now with a smoother experience. To login, use your Energy Central email and reset your password.

Thu, Mar 24

Congress Passes New Cyber Incident and Ransomware Payment Reporting Legislation | JD Supra

The article linked below provides an overview of the new cybersecurity reporting law that was signed by President Biden last week. Yesterday I attended an industry meeting where CISA explained how the new law is expected to work, although many details are still being flushed out. One point was clear, the new reporting requirements go beyond the scope of NERC CIP, CIP-008 is only a subset of what the new law covers for cybersecurity reporting. The new law also requires cyber incident reporting on assets outside of the ESP, i.e. Settlement systems, market systems, etc, within 72 hours.