To reduce cybersecurity risks and exposure, NERC is in the process of developing a new standard requiring internal network security monitoring (INSM) within a trusted Critical Infrastructure Protection networked environment. The standard will apply to all high impact BES Cyber Systems with and without external routable connectivity and medium impact BES Cyber Systems with external routable connectivity. The standard could also include low impact BES Cyber Systems in the future.
According to the Federal Register, “INSM permits entities to monitor traffic once it is within a trusted zone, such as the Electronic Security Perimeter, to detect intrusions or malicious activity.” Given the increasingly sophisticated methods by which attackers gain access to critical systems, it is critical that entities move beyond protection of the electronic security perimeter and implement dynamic, continuous monitoring measures. NERC will revise a plan to include INSM into the existing CIP Reliability Standards for approval by July 9, 2024. ...read more!
