FERC has directed NERC to aggressively develop industry guidance and content for Entities regarding Cloud adoption. NERC has launched a multi-prong effort to meet that demand through modifying existing compliance standards and industry-focus groups.
PCS is actively involved with both efforts and is uniquely positioned to advise, consult and support Entities who are looking to get a head start on developing a compliance-driven Cloud strategy.
Starting in March 2020, PCS has partnered with IBM to research and develop a CIP-Compliant architecture for the energy industry. In January 2021, PCS and IBM launched a secure Proof of Concept, sponsored by IBM, as a demonstration project of the security and compliance controls that are in place, and provide requirements for further development.
To date, IBM is the only Cloud Service Provider (CSP) to successfully demonstrate that they do not have a ‘shared accountability’ model, and that Entities are the only ones with the keys, access and authority to manage their own Infrastructure-as-a-Service (IaaS) workspace.
Key Use Cases for Early Cloud Adoption:
Ask PCS about IBM Cloud for Regulated Workloads and how our architecture is well positioned to enable your business, customers and stakeholders to take full advantage Cloud technologies while meeting your compliance requirements.
Benefits
Cloud Services Provided
A cloud compliance program is a structured approach to ensure that cloud services used by a utility meet security, regulatory, and NERC CIP standards. PCS helps design these programs specifically for the utility sector.
Cloud usage in critical infrastructure introduces third-party risk. A clear compliance strategy helps utilities manage cloud provider responsibilities and meet NERC CIP requirements.
Yes. PCS offers expertise in aligning your cloud-based systems with NERC CIP obligations, including vendor management, system security, and documentation practices.
Lack of a cloud compliance plan can lead to audit failures, security gaps, or non-compliance with regulatory standards, potentially resulting in fines or system vulnerabilities.
PCS tailors each cloud compliance program based on your operational needs, cloud architecture, vendor relationships, and regulatory exposure to ensure full alignment with best practices.
