One of our customers (You know who you are, thanks!) made us aware of a new practice guide titled “ERO Enterprise CMEP Practice Guide: Assessment of SVCHOST.EXE” published exactly two weeks ago today on September 15th, 2020.
North American Electric Reliability Corporation (NERC) seldom releases guidance like this, so they shouldn’t go unnoticed. They’ve published three such Critical Infrastructure Protection (CIP) specific guides including this one since 2017, according to their website. The CMEP Practice Guides are described as “provid[ing] direction to ERO Enterprise CMEP staff on approaches to carry out compliance monitoring and enforcement activities.” Based on that statement, not only should they not go unnoticed, but they also shouldn’t be taken lightly due to the fact that NERC and the Electric Reliability Organization (ERO) Enterprise adopt these guidance policies and audits according to their language.