Though NERC is perhaps taken more seriously, NIST standards are regularly integrated into many cybersecurity platforms, and they may point the way that critical infrastructure protection is going. Opinions australia mobile number list free vary on NIST’s importance. Because compliance to NIST guidelines is voluntarily, there is no mandate for companies to follow them. Additionally, the energy market is extremely fragmented and many businesses don’t have adequate personnel or the necessary funding to implement a lot of NIST’s suggested actions related to cybersecurity.
Money is probably the biggest factor in whether or not companies will follow NIST or even NERC. Factoring in the hundreds of priorities energy businesses have, the budgetary impact of cybersecurity implementation often takes a backseat to what seem to be more pressing immediate concerns. Beyond its presence as a buzzword, the Framework is costly to integrate and often a budget does not exist for such expenses. Beyond that, many doubt that industrial control system vendors can provide working solutions that operate in tandem with products from other vendors. They are wary of involving third parties. Security professionals know what they need to do, but they don’t know where to find the budget and they are unsure of what technology to use to implement the good ideas NERC and NIST suggest.