CRITICAL INFRASTRUCTURE

PROTECTION COMMITTEE

2

Group carried over from ECAR, MAAC, & MAIN workgroups that were assembled to address 1200 Urgent Action Standards prior to regions’ consolidation.

Upon the organization of RFC and development of the permanent CIP Standards, the groups transitioned into the ReliabilityFirst CIP Subcommittee under the oversight of the RFC Reliability Committee.

3

In 2008, members of the CIP Subcommittee and RFC Staff felt timing was appropriate to transition into a full RFC Standing Committee reporting directly to RFC Staff and the RFC Board Of Directors.

4

Reasons for reclassification:• The uniqueness of cyber security sets it apart

from other Reliability Standards.• NERC established CIP as a full NERC

program function, and created new, high level management positions to oversee them:– VP & Chief Security Officer (Michael Assante)– More recently, Manager of CIP (Timothy Roxey).

5

Reasons for reclassification:

• Because of the amount of activity and importance placed on these particular Standards, RFC Staff and Subcommittee members felt that operating under a Subcommittee designation hindered its ability to respond in a prompt manner.

6

Reasons for reclassification:• Allows a more direct line of

communications with NERC and interregional technical groups.

• Allows a more flexible and responsive environment for addressing urgent and timely situations on behalf of RFC.

7

Reasons for reclassification:

• Sends a good “message” to industry affiliates, regulators and the public that RFC and its Member organizations are taking pertinent measures to address cyber vulnerabilities.

8

9

MEMBERSHIP:

• RFC Regular Members – May designate up to 3 Primary & 3 Alternate Representatives with expertise in the disciplines of Physical Security, Cyber Security, and Operations.

• RFC Associate Members – May designate a representative for each discipline to be considered as an Alternate.

• One ReliabilityFirst staff liaison.(Larry Bugh, Secretary & Chief Security Officer)

10

MEMBERSHIP - Voting:

• Primary Representatives at RFC CIPC meetings have voting privileges.

• Alternate Representatives do not have voting privileges unless they are acting as a proxy for a Primary Representative.

• RFC Staff Liaison does not have voting privileges.

11

Officers:• Chair• Vice Chair• Secretary

Elected from Committee Primary Representatives and serve for two years.

Vice Chair expected to automatically step into Chair position.

Executive Committee consists of Chair, Vice Chair, Secretary and RFC Staff Liaison.

12

Selection of Nominees for NERC CIPC Voting Membership:

• 3 nominees, each assigned to one discipline (Physical, Cyber, or Operations)

• The active RFC liaison is automatically assigned to one discipline.

13

Selection of Nominees for NERC CIPC Voting Membership:

• Nominees must come from a ReliabilityFirst Regular Member company.(RFC Bylaws, Article V, Members & Voting Rights)

• Nominees are appointed to the NERC CIPC as Voting Members by RFC and represent RFC in all matters pertaining to NERC CIPC activities.

14

Meetings: • RFC CIPC meets quarterly. Generally, a

week or two prior to each NERC CIPC meeting.

• All meetings are open to the public however, we do set aside periods of time for closed sessions that are limited to Primary and Alternate Representatives and the RFC staff liaison.

15

Meetings:

• Most meetings are scheduled in Columbus, OH, at the Marriott Columbus Airport.

• Guest speakers are allowed to present information specifically relevant to CIP issues.

16

Purpose & Objectives: • To promote the physical, cyber, and operational

security of the critical electricity infrastructure in accordance with the NERC CIP Standards.

• Submit comments to NERC CIP related documents under development.

• Provide a forum for discussion concerning Critical Infrastructure Protection among interested participants responsible for CIP compliance initiatives at ReliabilityFirst Member organizations.

17

Forums Include:

• Face-to-face quarterly meetings.

• Conference calls.

• Workshops via on-site conference facilities and Webinars.

• On-line collaboration website.

18

•On-line, web-based project collaboration tool.

19

•On-line, web-based project collaboration tool.

20

• To register for Membership, contact:

Larry Bugh @ RFC

Secretary & Chief Security Officer

(330)456-2488