CIP-010-5 R1 and R2 DRAFT: The Importance of Baseline Configuration as a Critical Security Management Control

The Second in a Series of NERC CIP Whitepapers, this paper addresses baseline configuration management as a way to reduce or eliminate security gaps resulting from Cyber Assets that are not properly configured.
CIP-010-5 brings into the CIP Regulations baseline configuration management as a way to reduce or eliminate security gaps resulting from Cyber Assets that are not properly configured. This paper discusses different approaches to this challenge and how best practices can be employed to eliminate security gaps for the Bulk Energy System (BES).

Topics covered in the whitepaper include:

Examination of the types of configuration information stored on Cyber Assets

Description of the practical application of Baseline Configuration Management

Discussion on the process for controlling assets to a defined, “most secure” configuration when triggered by external factors (new patch, IT change, etc.)

Discussion on the process for detecting and resolving unauthorized changes and for validating authorized changes

Understanding the cyber security threats and risks imposed by not managing the baseline configuration of cyber assets