Is the Best Cyber Defense a Good Offense?
On January 20th, the Federal Energy Regulatory Commission (FERC) issued a new Notice of Proposed Rulemaking (NOPR) that would direct the North American Electric Reliability Corporation to strengthen cybersecurity standards to prevent hackers from breaching cyber perimeter barriers. The new rules would appear to require “internal network security monitoring (INSM) for high- and medium-impact bulk electric system cyber systems.” In other words, the new rules would require electric cybersecurity systems to be more offensive by seeking potential internal threats, as well as those posed from outside the security perimeter.
Citing the 2020 SolarWinds hacking, the proposed FERC rule seeks to address cyber threats coming from trusted entities, such as employees or supply chain vendors. The new INSM standards would enable utilities to more closely monitor internal communications within protected networks so the presence of a threat could be more readily detected and acted upon. Moreover, the new directive would provide faster damage assessment and greater resiliency should an attack be successful.
FERC is seeking industry comment on the proposed instruction to help develop new INSM reliability standards for high and medium-impact cyber systems. Comments are due no later than 60 days after the NOPR appears in the Federal Register.