NERC Critical Infrastructure Protection (CIP) Version 5 and the associated training requirement for persons with electronic or authorized unescorted physical access to BES Cyber Systems represent a significant transition from the requirements in Version 3. Entities with High or Medium Impact BES Cyber Systems are faced with having to train on 9 specific training topics identified in CIP-004-5.1 Requirement 2.1 and the policy requirements of CIP-003-5 Requirement 1.1 through 1.9. Additionally, these entities are required to meet security awareness training requirements included in CIP-004-5.1.
In this webinar we'll discuss the differences in training requirements in Version 5, the implied requirements included in the Guidelines and Technical Basis section of CIP-003-5, and the considerations and strategies for choosing to deploy a common training program or one tailored to be appropriate to individual roles, functions or responsibilities. We'll also review the Cyber Security Awareness policy requirements for Low Impact BES Cyber Systems in the proposed CIP-003 Version 6 and why it makes sense to incorporate awareness training in your Version 5 program.
Here at SANS we have been working hard to develop a training program that is easy to operationalize and manage, and focuses on the basic knowledge elements needed to support your cyber security and compliance objectives. Come learn how deploying the SANS NERC CIP Version 5 computer based training program including modular videos, engaging module quizzes, and progress tracking reporting can ease your NERC CIP compliance challenge and eliminate the burden of maintaining custom training.
The SANS NERC CIP Version 5 computer based training program, which addresses NERC CIP-004-5.1 R2, will be available this summer. Click here to learn more.
The SANS ICS team members presenting have extensive electric industry experience having been former Registered Entity Primary Contacts, a former NERC officer, and a Co-Chair of the NERC CIP Interpretation Drafting Team. Together the team brings real-world, practitioner experience gained from developing and maintaining NERC CIP and NERC 693 compliance programs and actively participating in the standards development process.