This is the first entry on

This is the first entry on I will start by asking for help. Help to develop what NERC CIP is and what you would like to be. Secondly, help from the few technical solution architects in this area to critique the solutions I offer are provide and offer up solutions of their own.

I created because I found a lot of good information about what NERC v5 is and the changes from v3 to v5.  But none of them talked what is technical needed to comply.  If so I decided to start up another wonderful NERC CIP V5 blog about what do I have to do because the non-routable communications exception in 002 has been removed? Which is a very easy one to address by the way and more complex questions like we use BWise, OpenPages MatrixStream, Archer or  SAP GRC cyber compliance tools today and I want to know can I use my existing system to automatically in report to NERC? A new question I have been asked is I integrate our physical security systems reporting, if so what protocols can I use and do I need another GRC tool and is that tool available in open source?

Please register and post any technical questions you have and I’ll provide with technical answers.

Please tell others about my site so we may questions and technical opinions from many different utilities and LOBs

So this is a technical blog for people that are serious about protecting the US grid as well meeting all regulatory compliance.

Ted Gibson

Posted in Uncategorized | Leave a comment