- Dec 18, 2021 5:20 pm GMT
One of the key messages in the December 15, 2021 status report of the National Risk Management Center is an imperative to secure the nation from cyber threats:
"The NCF Framework is based on the idea that critical infrastructure is increasingly cross-sector, and that a siloed approach is not sufficient to manage risk, particularly around cybersecurity."
The NERC CIP approach to grid cyber security is an example of a siloed approach that fails to secure the entire electric grid infrastructure. A more comprehensive, centralized approach to baseline cybersecurity protections is needed in order to secure the entire electric grid, including those critical infrastructure functions upon which the electric grid depends on, such as telecommunications, natural gas pipelines and other key dependencies. A weak link in any of these dependent functions is a risk to the electric grid. A holistic set of baseline cybersecurity policies that apply to all 55 critical functions is needed to eliminate weak links and ensure a baseline set of cybersecurity protections are in place. A siloed, fragmented and inconsistent approach to cybersecurity, such as NERC CIP, should be replaced with a more robust and consistent policy administered by a central authority, such as CISA, supported by the superior cybersecurity skills and expertise of NIST, DOJ and other government agencies in a coordinated, cohesive, efficient and effective approach to protect our nation. The NRMC issued the 2021 Status Update on 12/15/2021 is available here.
No discussions yet. Start a discussion below.