by Brianna Crandall — February 12, 2016—The manufacturers of critical grid equipment, represented by National Electrical Manufacturers Association (NEMA) Industry Director Steve Griffith, highlighted the efforts of electrical manufacturers in establishing consensus guidelines and best practices that address U.S. supply chain integrity at a recent Federal Energy Regulatory Commission (FERC) Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management.
Director Griffith said:
As the manufacturers of critical grid equipment, NEMA members play an important role in strengthening the cybersecurity of the electric sector supply chain. Electrical manufacturers understand that a secure supply chain is essential to a secure grid and that cybersecurity features should be built into, not bolted onto, manufacturers’ products.
They also understand that managing cybersecurity supply chain risk requires a collaborative effort and open lines of communication between electric utility companies and the manufacturers of critical electric grid systems and components — both hardware and software.
Griffith highlighted the efforts of electrical manufacturers in establishing guidelines and best practices that address U.S. supply chain integrity throughout the four stages of a product’s lifecycle: manufacturing, delivery, operation, and end-of-life. These best practices were published by the NEMA Cybersecurity Task Force as NEMA CPSP 1-2015, Supply Chain Best Practices.
Mr. Griffith also noted that electrical manufacturers support voluntary industry consensus standards and guidelines (such as Supply Chain Best Practices) to address cybersecurity and supply chain risks, and at this time NEMA does not believe there is a need for FERC to adopt mandatory reliability standards for manufacturers’ supply chains.
Other participants in the FERC Technical Conference included NEMA member Schweitzer Engineering Laboratories, electric utilities, grid operators, federal agencies, information and communication technology companies, and security firms.
The full agenda for the staff technical conference is available from the FERC Web site, and NEMA CPSP 1-2015, Supply Chain Best Practices is available from the NEMA Web site.
