implementing-nerc-cip-compliance-controls

Featured

This skill covers implementing North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) compliance controls for Bulk Electric System (BES) cyber systems. It addresses asset categorization (CIP-002), electronic security perimeters (CIP-005), system security management (CIP-007), configuration management (CIP-010), supply chain risk management (CIP-013), and the 2025 updates including mandatory MFA for remote access and expanded low-impact asset requirements.

AI & Automation 16,326 stars 1981 forks Updated 2 weeks ago Apache-2.0

Install

View on GitHub

Quality Score: 97/100

Stars 20%
100
Recency 20%
90
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Implementing NERC CIP Compliance Controls ## When to Use - When a registered entity must achieve or maintain NERC CIP compliance for BES cyber systems - When preparing for a NERC CIP compliance audit by the Regional Entity - When implementing the 2025 CIP standard updates (CIP-003-9, CIP-005-7, CIP-010-4, CIP-013-2) - When categorizing BES cyber systems after commissioning new generation, transmission, or control center assets - When developing a compliance monitoring and evidence collection program **Do not use** for non-BES industrial systems (see implementing-iec-62443-security-zones), for general IT compliance frameworks (see auditing-cloud-with-cis-benchmarks), or for physical security of substations without cyber components. ## Prerequisites - Understanding of NERC CIP standards (CIP-002 through CIP-014) - BES cyber system inventory with impact ratings (high, medium, low) - Access to Electronic Security Perimeter (ESP) network diagrams and firewall configurations - Compliance management system for evidence collection and audit documentation - Familiarity with NERC Glossary of Terms (BES Cyber Asset, BES Cyber System, Electronic Access Point) ## Workflow ### Step 1: Categorize BES Cyber Systems (CIP-002-5.1a) Identify and categorize all BES cyber systems based on their impact to the reliable operation of the Bulk Electric System. ```python #!/usr/bin/env python3 """NERC CIP BES Cyber System Categorization Tool. Implements CIP-002-5.1a categorization criteria ...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
2 weeks ago
Language
Python
License
Apache-2.0

Bundled in these plugins

cybersecurity-skills

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

performing-power-grid-cybersecurity-assessment

This skill covers conducting cybersecurity assessments of electric power grid infrastructure including generation facilities, transmission substations, distribution systems, and energy management system (EMS) control centers. It addresses NERC CIP compliance verification, substation automation security, IEC 61850 protocol analysis, synchrophasor (PMU) network security, and the unique threat landscape targeting power grid operations as demonstrated by Industroyer/CrashOverride and related attacks.

16,326 Updated 2 weeks ago
mukul975
DevOps & Infrastructure Solid

cis-controls

Expert CIS Controls v8 (CIS Top 18) advisor — implementation group scoping (IG1/IG2/IG3), control gap assessments, safeguard-level guidance, asset inventory, software inventory, data protection, secure configuration, account management, access control, continuous vulnerability management, audit log management, email and web browser protections, malware defenses, network infrastructure management, network monitoring and defense, application software security, incident response, penetration testing, and CIS Controls mapping to NIST CSF, ISO 27001, SOC 2, and CMMC. Use for any question about CIS Controls, CIS Benchmarks, Implementation Groups, or prioritized cyber hygiene for any organization size.

661 Updated yesterday
Sushegaad
AI & Automation Featured

implementing-iec-62443-security-zones

This skill covers designing and implementing security zones and conduits for industrial automation and control systems (IACS) per IEC 62443-3-2. It addresses zone partitioning based on risk assessment, assigning Security Level targets (SL-T), designing conduit security controls, implementing microsegmentation with industrial firewalls, and validating zone architecture through traffic analysis and penetration testing against the Purdue Reference Model.

16,326 Updated 2 weeks ago
mukul975