skip to Main Content
GridSME Welcomes Mark Rabuano as Director of Regulatory Compliance
October 12, 2018

GridSME Welcomes Mark Rabuano as Director of Regulatory Compliance

Grid Subject Matter Experts is excited to announce its new addition to the team, Mark Rabuano, as the Director of Regulatory Compliance. Mark has a strong legal background and substantial experience in energy regulation and compliance for public utilities and independent power producers. By joining GridSME, Mark will assist our GO/GOP clients by maintaining programs that mitigate and manage the risk of potential NERC compliance violations.

Prior to joining GridSME, Mark worked for the NAES Corporation from 2016 to 2018 as the Manager of NERC Services, where he directed management and oversight of 70+ NERC GO/GOP compliance programs, including implementation of procedures and internal controls necessary to maintain NERC compliance. Mark also worked at PacifiCorp from 2010 to 2016 in various roles including Senior Counsel of Pacific Power.

Mark graduated from UCLA Anderson School of Management with a Master’s in Business Administration, the University of Pennsylvania Law School, Juris Doctor, and Wake Forest University, Bachelor of Arts in History and Communication.

Mark currently resides in Redmond, Washington and will telecommute with frequent visits to the GridSME office.

Welcome Mark!

FERC Directs Development of Standards for Supply Chain Cyber Controls
August 4, 2016

FERC Directs Development of Standards for Supply Chain Cyber Controls

  • August 4, 2016
  • FERC

On July 21, 2016, FERC announced they “directed NERC to develop a forward-looking, objective-based Critical Infrastructure Protection (CIP) Reliability Standard that requires each affected entity to develop and implement a plan that includes security controls for supply chain management for industrial control system hardware, software, and services associated with bulk electric system operations.” Have you considered how to address this higher level of regulatory obligation?

Read More

CIP Extension Granted

  • February 25, 2016
  • FERC

The implementation of V5 has been delayed until July 1, 2016 to coincide with the initial V6 changes.

While the extension is surely welcomed by many, this should not be seen as an opportunity to take your eye off the ball. Registered entities should keep an April 1 target date and allow themselves to test run their V5/V6 programs and controls. July 1 will approach quickly and security threats, which continue to increase in their frequency and complexity, will not take a three month break.

http://elibrary.ferc.gov/idmws/common/OpenNat.asp?fileID=14155001

FERC Approves CIP Version 5 Reliability Standards
November 25, 2013

FERC Approves CIP Version 5 Reliability Standards

  • November 25, 2013
  • FERC

ferc1

We always comment that the pace of regulatory changes in our industry are increasing, and last Thursday was a great example. As you are likely aware, FERC approved version 5 of the Critical Infrastructure Protection reliability standards proposed by NERC on last Thursday, November 21. Version 5 represents a significant change in approach that will require a host of new activities for registered entities. Version 5 will affect, to a great degree, many of the entities that previously had few or no Critical Cyber Assets. One of the biggest unknowns is what will ultimately be required for the Low Impact designated facilities under the new criteria. We are tracking this particular development closely and will ensure that all are kept up with the latest information.

Please find the link to the CIP V5 Regulatory Bulletin below, which is a supplement to our monthly newsletter.

At GridSME, we are currently working with clients on implementing version 5. We can help answer questions or give guidance to your compliance program as you start to assess the necessary changes. Although the effective date of version 5 is not until 2016,  we would strongly suggest starting your CIP V5 assessment and preparations as soon as possible. There are many things you’ll need to consider that may change how you are implementing projects, making decisions on facilities, access controls, etc. Starting your CIP version 5 transition now can help align your organization to be compliant on day one of the implementation date.

Please feel free to contact our office and talk with our compliance team regarding CIP version 5 changes and challenges.

We look forward to assisting you.

GridSME CIP V5 Order Summary

To leave a comment please click the “Leave a Comment” button under the headline of this post.

FERC opens new Office of Energy Infrastructure Security (OEIS) to focus on cybersecurity
September 27, 2012

FERC opens new Office of Energy Infrastructure Security (OEIS) to focus on cybersecurity

  • September 27, 2012
  • FERC

ferc1

On September 20, 2012, FERC announced it was starting a new Office of Energy Infrastructure Security (OEIS) to focus on cyber and physical security risks to energy infrastructure. FERC Chairman Wellinghoff, in a statement, said that the OEIS “is designed to provide leadership, expertise, and assistance to the Commission in identifying, communicating, and seeking comprehensive solutions to significant potential cyber and physical security risks to the energy infrastructure under the Commission’s jurisdiction.”

Wellinghoff continued, “the Office will concentrate its efforts and resources in four areas. First, OEIS is charged with developing recommendations for identifying, communicating and mitigating potential cyber and physical security threats to Commission jurisdictional energy infrastructure using our existing statutory authorities. Second, OEIS will offer assistance, expertise, and advice to other federal and state agencies, jurisdictional utilities, and Congress for identifying, communicating and mitigating cyber and physical security threats to Commission jurisdictional energy infrastructure. Third, the Office will participate in interagency and intelligence-related coordination and collaboration efforts with appropriate federal, state agencies and industry representatives on cyber and physical security matters related to Commission jurisdictional energy infrastructure. Fourth, OEIS will conduct outreach with private sector owners, users and operators of the energy delivery systems, regarding identification, communication and mitigation of cyber and physical threats to Commission jurisdictional energy infrastructure.”

The Chairman also stated that “OEIS’ work will be complementary to, not a replacement of, FERC’s existing regulatory processes for reliability” i.e. NERC Crticial Infrastructure Protection (CIP) standards.

Gerry Cauley, President and CEO of NERC welcomed the move by FERC in a brief statement stating the move by FERC “reflects the importance FERC places on ensuring the security of our nation’s bulk power system, and NERC looks forward to coordinating our critical infrastructure program with this new office.”

Joe McClelland was chosen to serve as Director of this new office. Mr. McClelland has served as the Director of the Office of Electric Reliability (OER) since its inception in 2006. Ted Franks has been named Acting Director of OER.

Back To Top