NERC Critical Infrastructure Protection (CIP)

Meet NERC CIP requirements with privileged access management and vulnerability management solutions from BeyondTrust.

NERC Cybersecurity Solutions

The NERC Critical Infrastructure Protection (CIP) plan (currently on version 5) consists of 9 standards and 45 requirements covering the security of electronic perimeters and the protection of critical cyber assets across North America’s bulk electric system. Under NERC CIP, covered entities are required to identify critical assets and to regularly perform a risk analysis of those assets. Organizations are also required to enforce IT controls protecting access to critical cyber assets. Systems for monitoring security events must be deployed, and organizations must have comprehensive contingency plans for cyber attacks.

It’s never been more important to protect critical infrastructure and its supporting assets, with 40% of critical infrastructure targeted by cyberattacks. Now is the time to take a look at the controls in place, determine gaps in coverage, and address them immediately.

How can privileged access management and vulnerability management help achieve compliance with NERC CIP requirements?

Privileged access management and vulnerability management play key roles in adhering to the NERC CIP standard, establishing strict access control requirements over utility generation and distribution systems, and verifying that network assets are not vulnerable to external hacking. The integration of these solutions into a common platform adds value and eliminates gaps in coverage.