The Federal Energy Regulatory Commission has approved updates to reliability standards intended to strengthen security controls that protect the bulk electric system from cyber threats linked to the utility sector's supply chain. The web of vendors, contractors and third-party suppliers serving the utility sector provide adversaries with a slew of targets in the supply chain that could be used to create or exploit vulnerabilities needed to initiate attacks on BES cyber systems and equipment. Regulators responded to this threat with the introduction of critical infrastructure protection standards targeted at supply chain risk management, but FERC made clear when it approved those standards in October 2018 that the new requirements were only a first step.
展开▼