NexDefense Urges Electricity Industry to Recognize NERC CIP V5 as a Catalyst for a Greater Cybersecurity Strategy

Share Article

Leader in Industrial Control Systems Cybersecurity Calls Attention to the Limitations, Challenges and Risks Associated with a ‘Check-the-Box’ Security Posture in New Whitepaper

News Image
The size, complexity and sophistication level of today’s threat landscape underscores the importance for organizations to create and sustain a culture that goes beyond the basic parameters of compliance.

NexDefense Inc., a leading authority on cybersecurity for industrial control systems (ICS), today announced the release of its newest whitepaper, Going Beyond Compliance: Using NERC CIP V5 as a Catalyst for a Greater Security Strategy. The whitepaper is available for free download by visiting:

On April 1, 2016, the NERC CIP V5 standards, and the requirements in which owners and operators of electric facilities must conform, become enforceable. While most agree that NERC CIP V5 will help reduce security risk and improve reliability in the bulk electric power production and transmission, there should be no mistaking the standards as an absolute solution that eliminates all cyber risk. In fact, the unintended consequence of any regulation – industry or government initiated – is that it often leads some organizations to meet only the minimum requirements for compliance, inherently still leaving them vulnerable to attack.

NexDefense’s whitepaper examines NERC CIP V5, and calls attention to the limitations, challenges and risks associated with a ‘check-the-box’ approach that is based on building a security posture by maintaining minimal levels of compliance. Using examples, testimony and scenarios, this whitepaper reinforces the need for electric utilities to create an organizational culture that embraces cybersecurity as a valued necessity and not an unwelcomed burden or financial hardship.

“The electricity industry should be applauded for being one of the first and only industries to self-regulate cybersecurity,” said Michael Assante, co-founder and chief security strategist at NexDefense. “However, the size, complexity and sophistication level of today’s threat landscape underscores the importance for organizations to create and sustain a culture that goes beyond the basic parameters of compliance.”

NexDefense helps organizations across critical infrastructure sectors, like electricity, to identify threats, reduce risks and better maintain the availability, integrity and confidentiality of all essential operations. Sophia™, its patent-pending Industrial Network Anomaly Detection (INAD) system, is a cybersecurity solution purpose-built for control systems to enhance protection while also facilitating compliance to standards and best-practices such as NERC CIP. It understands ICS protocols and provides real-time insight into systems to give organizations visibility and access to the data they need to know to make real-time decisions to better protect critical infrastructure from cyber attacks.

“Those who wish to cause harm through cyber attack on critical infrastructure, such as the power grid, are both patient and constantly evolving their tools and techniques,” added Eric Cornelius, a NexDefense fellow and director of critical infrastructure and ICS at Cylance. “As such, our country’s critically important electric power organizations cannot assume that meeting basic compliance requirements will be sufficient to protect them from successful attack.”

For more information on NexDefense, visit Download the whitepaper at

About NexDefense
NexDefense empowers industrial control system operators with the real-time knowledge needed to maintain system integrity and combat sophisticated cybersecurity threats. Through Sophia™, a patent-pending industrial network monitoring and anomaly detection system, control system engineers, operators and security practitioners can gain valuable insight into networking events and activities that can negatively affect vital process and manufacturing systems. When employed throughout the control system’s lifecycle, its proven capacity to continuously identify, analyze and warn about deviations from normal operations provides unparalleled situational awareness and actionable intelligence to limit risk, reduce liabilities and enhance control system safety, security and productivity. For more information on NexDefense, visit and follow us @NexDefense.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Caroline Cassidy
+1 855.300.8209
Email >
since: 09/2012
Follow >
NexDefense, Inc.

Visit website