I missed the October publication of FERC's annual staff report on lessons
learned.
https://ferc.gov/media/2021-report-commission-led-cip-audits
Some are the usual boilerplate FERC staff "found that while most of the
cybersecurity protection processes and procedures adopted by the
registered entities met the mandatory requirements of the CIP Reliability
Standards, there were also potential compliance infractions."
The report also includes previous Lessons Learned from four prior
annual reports.
learned.
https://ferc.gov/media/2021-report-commission-led-cip-audits
Some are the usual boilerplate FERC staff "found that while most of the
cybersecurity protection processes and procedures adopted by the
registered entities met the mandatory requirements of the CIP Reliability
Standards, there were also potential compliance infractions."
The report also includes previous Lessons Learned from four prior
annual reports.