On August 27, 2019, FERC staff and the North American Electric Reliability Corporation (“NERC”) staff (collectively, “Staff”) jointly issued a white paper on Notices of Penalty (“NOP”) for violating Critical Infrastructure Protection (“CIP”) Reliability Standards, which details requirements for Bulk Power System cyber security.  Staff elected to draft the white paper in response to the increase in Freedom of Information Act (“FOIA”) requests for the disclosure of non-public information in CIP NOPs, such as the identity of the CIP violator.  The overarching objective of the proposal is to provide increased transparency, while protecting sensitive security information that could jeopardize the Bulk Power System if made public.  If approved, the proposal will not have a retroactive effect on pending matters, or CIP NOPs already filed with the Commission.

Continue Reading