The North American Electric Reliability Corporation (NERC) develops standards to ensure reliability and safety for the North American bulk power system. This includes the Critical Infrastructure Protection (CIP) standards to strengthen cybersecurity. These detailed requirements use a risk management approach to require a baseline level of security controls for high, medium, and low impact systems. All bulk power system owners and operators — which together create and transport electric power to millions of users — must comply with approved NERC reliability standards. Penalties for noncompliance with CIP standards can include orders to mitigate violations and track improvements, as well as civil fines ranging to more than a million dollars per violation, per day. Below, learn more about NERC CIP and how Rapid7 can help you achieve your compliance goals.
Inventory cyber assets and assess risks
Establish cybersecurity policies
System security management
Electronic access controls and security perimeters
Maintain incident detection and response plan
Test safeguards and processes regularly
If your company creates and transports bulk electric power in North America, Rapid7 can help you strengthen your cybersecurity and stay compliant with CIP standards.