What is NERC CIP-013?

NERC’s CIP-013 standard mandates that power and utilities secure their global supply chain by holding their vendors to cybersecurity requirements. With CIP-013 enforcement and deadlines around the corner, organizations are looking for solutions that provide them the most visibility across their supply chain with the fastest time to value.

To mitigate risks in the global supply chain and mitigate supply chain disruption caused by cybersecurity risks, responsible entities in the power and utilities sectors must come together and use this regulation as a means to protect the Bulk Electric System (BES) as a whole. This new CIP-013 supply chain risk management regulation limits power and utilities’ exposure to third-party cyber risks as they expand business in a predominantly digital age. Thus, the standard and upcoming effective date impacts all entities in the power and utilities industry, requiring them to focus on assessments, risk measurement, risk management, and cybersecurity best practices across numerous vendors.

See Also: 

• What is NERC CIP 
• NERC CIP Compliance 

Return to Cybersecurity Framework and Standards Glossary