Benefits of an Updated Mapping between the NIST Cybersecurity Framework and the NERC Critical Infrastructure Protection Standards

Marron, Jeffrey; Gopstein, Avi; Bogle, Daniel

doi:https://doi.org/10.6028/NIST.CSWP.21

NIST CSWP 21

Benefits of an Updated Mapping between the NIST Cybersecurity Framework and the NERC Critical Infrastructure Protection Standards

Documentation Topics

Date Published: September 29, 2021

Author(s)

Jeffrey Marron (NIST), Avi Gopstein (NIST), Daniel Bogle (NERC)

Abstract

This white paper highlights a recent mapping effort between the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards and the NIST Cybersecurity Framework. Mappings of these two frameworks have been performed in the past; this effort updated the mapping to reflect the currently enforceable NERC CIP Standards and the NIST Cybersecurity Framework v1.1. This white paper helps organizations understand how they can use the mapping to achieve a more mature CIP requirement compliance program while improving their security posture and potentially reducing the organization's security and business risk.

Keywords

Bulk Electric System (BES); Critical Infrastructure Protection (CIP); Cybersecurity Capability Maturity Model (C2M2); North American Electric Reliability Corporation (NERC); National Institute of Standards and Technology (NIST); Online Informative References (OLIR); Reliability and Security Technical Committee; Security Working Group (SWG)

Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.CSWP.21
Download URL

Supplemental Material:
Local Download (pdf)
Public Data Resource

Related NIST Publications:
CSWP 6

Document History:
09/29/21: CSWP 21 (Final)

Topics

Security and Privacy

reliability, risk management

Applications

cybersecurity framework

Activities and Products

reference materials

Sectors

smart grid