BES Cyber System Information in the Cloud
|
|
Michael Ahmad
|
Registered entities are increasingly implementing cloud-based solutions within their operations. However, cloud-based computing, networking, and storage for Bulk Electric System (BES) Cyber System Information (BCSI) have risks because of the data being entrusted to third-party providers. Adherence to Reliability Standards may require supplemental evidence compared to conventional on-premises environments. Beyond data protection, additional aspects to consider include:
- Methods to Identify BCSI (CIP-011-3 R1, Part 1.1)
- Confidentiality of BCSI (CIP-011-3 R1, Part 1.2)
- Management of Provisioned Access (CIP-004-7 R6)
Cloud services present an opportunity to enhance efficiency, resilience, and scalability, but must be implemented with a secure and compliant approach to ensure the reliability of the grid.
For Electric Reliability Organization (ERO)-endorsed guidance related to housing BCSI in the cloud, Texas RE encourages registered entities to refer to Usage of Cloud Solutions for BES Cyber System Information (BCSI).
