Benefits of an Updated Mapping between the NIST Cybersecurity Framework and the NERC Critical Infrastructure Protection Standards
Jeffrey Marron, Avi Gopstein, Daniel Bogle
This white paper highlights a recent mapping effort between the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards and the NIST Cybersecurity Framework. Mappings of these two frameworks have been performed in the past; this effort updated the mapping to reflect the currently enforceable NERC CIP Standards and the NIST Cybersecurity Framework v1.1. This white paper helps organizations understand how they can use the mapping to achieve a more mature CIP requirement compliance program while improving their security posture and potentially reducing the organization's security and business risk.
Bulk Electric System (BES), Critical Infrastructure Protection (CIP), Cybersecurity Capability Maturity Model (C2M2), North American Electric Reliability Corporation (NERC), National Institute of Standards and Technology (NIST), Online Informative References (OLIR), Reliability and Security Technical Committee, Security Working Group (SWG).
, Gopstein, A.
and Bogle, D.
Benefits of an Updated Mapping between the NIST Cybersecurity Framework and the NERC Critical Infrastructure Protection Standards, OTHER, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.CSWP.09292021, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=933269
(Accessed December 5, 2022)