NERC CIP-002 through CIP-014 Revision 6_CIP-005-5 1.4

NERC CIP-002 through CIP-014 Revision 6

Electronic Security Perimeter

CIP-005-5 1.4

1.4 Where technically feasible perform authentication when establishing Dial-up Connectivity with applicable Cyber Assets.

M1. Evidence must include each of the applicable documented processes that collectively include each of the applicable requirement parts in CIP-004-5.1 Table R1 Security Awareness Program and additional evidence to demonstrate implementation as described in the Measures column of the table. CIP-005-5 Table R1– Electronic Security Perimeter Part Applicable Systems Requirements Measures 1.1 High Impact BES Cyber Systems and their associated: PCAMedium Impact BES Cyber Systems and their associated: PCAAll applicable Cyber Assets connected to a network via a routable protocol shall reside within a defined ESP. An example of evidence may include but is not limited to a list of all ESPs with all uniquely identifiable applicable Cyber Assets connected via a routable protocol within each ESP. CIP-005-5 Table R1– Electronic Security Perimeter Part Applicable Systems Requirements Measures 1.2 High Impact BES Cyber Systems with External Routable Connectivity and their associated: PCAMedium Impact BES Cyber Systems with External Routable Connectivity and their associated: PCAAll External Routable Connectivity must be through an identified Electronic Access Point (EAP). An example of evidence may include but is not limited to network diagrams showing all external routable communication paths and the identified EAPs. CIP-005-5 Table R1– Electronic Security Perimeter Part Applicable Systems Requirements Measures 1.3 Electronic Access Points for High Impact BES Cyber Systems Electronic Access Points for Medium Impact BES Cyber Systems Require inbound and outbound access permissions including the reason for granting access and deny all other access by default. An example of evidence may include but is not limited to a list of rules (firewall access control lists etc.) that demonstrate that only permitted access is allowed and that each access rule has a documented reason. 1.4 High Impact BES Cyber Systems with Dial-up Connectivity and their associated: PCAMedium Impact BES Cyber Systems with Dial-up Connectivity and their associated: PCAWhere technically feasible perform authentication when establishing Dial-up Connectivity with applicable Cyber Assets. An example of evidence may include but is not limited to a documented process that describes how the Responsible Entity is providing authenticated access through each dial-up connection. CIP-005-5 Table R1– Electronic Security Perimeter Part Applicable Systems Requirements Measures 1.5 Electronic Access Points for High Impact BES Cyber Systems Electronic Access Points for Medium Impact BES Cyber Systems at Control Centers Have one or more methods for detecting known or suspected malicious communications for both inbound and outbound communications. An example of evidence may include but is not limited to documentation that malicious communications detection methods (e.g. intrusion detection system application layer firewall etc.) are implemented.

 

Click here to Start your FREE trial today!

Explainer video

 

What is a Cybersecurity Compliance Framework?

You don’t need to clutter your security and privacy programs with an ever-increasing number of tools as they become more sophisticated. The Lionfish platform offers a one-stop solution to track progress and monitor any framework, from custom-built ones to highly-specialized and in-demand top security and privacy frameworks and certifications.

With the Lionfish platform, every framework is supported with guided scoping, policies, controls, automated evidence collection, and continuous monitoring, ensuring efficient preparation for audits or attestation in minimal time.

The Lionfish platform is compatible with a wide range of security and privacy frameworks, including:

Click here to Start your FREE trial today!

Explainer video