On January 25, 2019, a settlement agreement was reached between a utility company, which allegedly violated the Critical Infrastructure Protection (CIP) Reliability Standards, and the North American Reliability Corporation (NERC). Through this settlement, NERC provides guidance to the electric industry for compliance with the CIP Reliability Standards. The substantial penalties should prompt companies to educate senior management on cybersecurity risks and allocate the resources necessary to implement a cybersecurity program consistent with CIP Reliability Standards and other compliance obligations.

To read the full article, click here.