TA notice: If you’re looking for the post I
wrote earlier today on the pandemic, go here.
NERC put out a notice this week
about a series of webinars on supply chain cyber security risk management,
which will start next Monday. They will all be at 1 PM Eastern time for one
hour, and you don’t need to sign up for any of them. I will present two of
them: on March 30 on Supply Chain Cyber Security Risk Management Lifecycle, and
on April 20 on Vendor Risk Management Lifecycle. Here is the full announcement:
Webinar Announcement
Supply Chain Working Group
Security Guidelines for the
Electricity Sector – Supply
Chain
When it's time, join your meeting here: Join Meeting
Teleconference: 1-415-655-0002
| Access Code: 735 632 114
|
|||||||||||||||||||||||||||||||
The Supply Chain Working Group (SCWG), part of
the Reliability and Security
Technical Committee (RSTC), is presenting a series of
webinars to elaborate on security guidelines that
address cyber security supply chain risk management issues.
The hour-long webinars will broadcast weekly on
Mondays at 1:00 p.m. Eastern, beginning on March 23, 2020. All webinars will
be recorded and subsequently available on the Supply Chain Risk Mitigation Program page. No
preregistration is necessary; click the link above to attend each webinar.
Before and during each webinar, submit questions about
the supply chain security guidelines to CIPCadmin@nerc.net with “SCWG Webinars” in
the subject line.
Reliability guidelines are not binding norms or
parameters that directly support compliance to NERC’s Reliability Standards,
so their use is not monitored or enforced. While applying the recommendations
from a guideline is highly encouraged and is expected to improve the security
posture of an organization, their incorporation into industry practices is
strictly voluntary.
|
|||||||||||||||||||||||||||||||
For more information or
assistance, please contact Tom Hofstetter (via
email).
|
Any opinions expressed in this blog post are strictly mine
and are not necessarily shared by any of the clients of Tom Alrich LLC.
If you would like to comment on what you have read here, I
would love to hear from you. Please email me at tom@tomalrich.com. Please keep
in mind that if you’re a NERC entity, Tom Alrich LLC can help you with NERC CIP
issues or challenges like what is discussed in this post – especially on
compliance with CIP-013. My offer of a free webinar on CIP-013, specifically
for your organization, remains open to NERC entities and vendors of hardware or
software components for BES Cyber Systems. To discuss this, you can email me at
the same address.
No comments:
Post a Comment