Fortress Information Security announces the launch of the Foundations Program to assist utilities of all sizes needing to address compliance with NERC Critical Infrastructure Protection (CIP) standards.
Fortress’ Foundations Program provides these utilities with a step-by-step pathway for achieving NERC CIP compliance beginning with Bulk Electric System (BES) cyber security classification (CIP 002), security management controls (CIP 003) and all the way through the newly issued supply chain requirements (CIP 13).
The Fortress Foundations Program not only maps what utilities must address at the beginning of their compliance activities, but also helps utilities achieve compliance with specific modules of the NERC CIP standards. Fortress CIP compliance programs — such as its downstream cybersecurity protection, incident response and supply chain risk management solutions — are tailored to suit client organizations’ requirements.
The Fortress Foundations Program usually begins with a NERC gap analysis followed by identification and certification of BES assets, followed by implementation of security management controls oversight of both physical and electronic access. Lastly, protocols are addressed for risk assessment, training and security awareness of personnel including contractors and vendors.