I would like to end by saying that this was a document that could never fully please everyone, and if we remember it's a 1.0 version, then in that context it's an ambitious and excellent start. Let's start providing feedback now so that 2.0 can be even better.Well guess what readers? Some of you and maybe some others provided feedback, so well and fully in fact that we find ourselves fewer than 9 months later with a new and improved 2.0 version, just released by NARUC after announcing it at its Winter Meetings (note sublime, almost hypnotic snowflake animation on landing page).
After reviewing the new document myself, and getting some input from the authors, while there are numerous small changes that help, the main difference seems to be an emphasis on having regulators develop an overarching strategy before diving into more granular elements like orders, requirements and rules.
To me this is creates a nice parallel to what some of the more forward leaning utilities are doing when they work to create security architectures. In both cases, whether on the regulator or the regulated side, the enabling concept is to craft a coherent larger plan before making point enforcement decisions or deploying point security solutions. Unquestionably sound stuff.
But still there's this (a holdover from version 1.0). Question 28 under Personnel and Policies invites commissioners to ask: "Do you have a Chief Security Officer and do they have explicit cybersecurity responsibilities?"
I would arm the commissioners with the knowledge that while many utilities will reflexively say they have a CSO, that he or she is neither a true C (chief) nor a true O (corporate officer). When there are more true executive level security chiefs out there, empowered to develop and enforce cybersecurity policy enterprise-wide (IT, Smart Grid and OT) then that will clearly mark a departure from status quo and the beginning of a more proactive, cyber risk management-based utility culture.
And maybe we'll see that called out in NARUC's 3.0 version. But for the moment, I think these folks deserve a pause to refresh. They've been producing high quality guidance at a very rapid pace ... kudos.
* For those unfamiliar with this acronym, it stands for the National Association of Regulator Utility Commissioners. This is the national body that represents the electric, telecom and water regulating interests of the 50 US states. From a security point of view, NARUC and the state commissioners primarily watch the distribution elements of the grid, whereas the NERC CIPs in North America focus on large generation and transmission assets. You can check out the NARUC site by clicking HERE.
If somebody wants expert take on the main topic of blogging next I advise him/her to go to this site, continue the fussy job.http://www.huffingtonpost.com/shane-paul-neil/big-data-bigger-breaches-_b_6109928.html
The stuff in this blog is in not only incredible but also providing the great knowledge to the people.payday loan with savings account
Your style is so exclusive compared to other individuals. Thank you for posting when you have the chance, guess I would just make this bookmarked.
Best of luck for your future post, these all will be surely awesome like this one. insurance rates
Thanks for compiling such nicest information in your blogs. Articles are very informative and hope again I’ll find more like that.single premium life insurance
Cool blog site friend I'm about to suggest this to all my listing contacts.orogold
I am greatly thankful to you for this exciting blog; I am cheerful because of your smart working really. Sugar Land roofing
Whatever you have provided for us in these posts really appreciative.pay day loans
This is my ideal site because whenever I come here to visit I always get the new things from here. ipv d2 75w
Whenever I have free time I read the blogs but today I got the unique blog page where I learnt many new things thanks guys! Lakeville bathroom remodel
Just saying thanks wouldn’t just be enough, for the fantastic fluency in your writing.online payday loan
With polite greetings I want to say that this post is amazing!! Thanks online payday loans
Your blogs and its stuff magnetize me to return again n again. niche profit full control review
Guys you did great work. I’m very pleased to say that these are wonderful articles and blogs. Thanks for this. term life insurance
I got your blog yesterday and still I am waiting for the new posts… this is quite satisfying blog so all guys come here and learn something special. cash loan
Hurrah, this is the thing which I was searching for, what a cool stuff it is!!! water softener reviews
Hey enormous stuff or pleasant information you are offering here.forklift train the trainer certification
Excellent post! I had been fed up for a long time searching lots of sites, but now I have come on the right place. Thanks New York Brain Injury Lawyer
Hi Dear, have you been certainly visiting this site daily, if that's the case you then will certainly get good knowledge. Vine Vine Skin Care
This is really an excellent blog as well as its content. Vine Vera Reviews
In actual fact the blogging is spreading its wings fast. Your write up is the best example of it. life insurance and depression
The quality of your blogs and conjointly the articles and price appreciating. vehicle wraps
Post a Comment