The Cyber Security Subcommittee develops and promotes cybersecurity standards, best practices, and sound government policies for electrical and medical imaging equipment to enable the full value of connected devices. Council activities include:

• Developing, recommending, and promoting voluntary industry consensus standards, guidelines, and other technical work projects
• Providing a collective industry voice on legislation and regulation
• Encouraging open dialogue and collaboration with end-users representing the markets that our member companies sell products and systems into
• Partnering and collaborating with government and nonprofit organizations involved in cybersecurity activities
• Serving as a coordinating/review body for NEMA Division-, Section-, or Council-specific cybersecurity activities

Government Relations Committee

Working in tandem with NEMA’s Government Relations and Communications Committee, the Cyber Security Subcommittee’s Government Relations Committee (GRC) advocates for reasonable and flexible cybersecurity and data privacy policies on the state and federal levels.  Comprised of both NEMA and MITA members, the GRC helps establish the electroindustry’s advocacy priorities around these issues and crafts strategies to advance those positions. 

More information about the GRC and its work can be found here.

Join Now! | *Members Only

Staff Contact: Steve Griffith

Official Correspondence

• NEMA RFI Response FCC Cyber Trust Mark/October 6, 2023
• NEMA RFI Response NIST CSF V2.0 Concept Paper/ March 8, 2023

Standards

• Cybersecurity Implementation Guidance for Connected Electrical Infrastructure (NEMA CY 70001-2023)
  This guideline document addresses cybersecurity protection of electrical infrastructure when networked connected within the context of a commercial, industrial, and residential building. It describes methods to protect the various systems and products within the infrastructure either through best practices, industry standards, or the utilization of compensating controls. As cybersecurity requirements are appearing in building electrical safety codes, this guide provides a reference point for installers of electrical infrastructure systems and officials and authorities having jurisdiction that inspect for code compliance who are not familiar with cybersecurity compliance aspects.
• End-User Risk Assessment Template (NEMA CPSP 5-2023)
  This document provides example asset and organization cybersecurity risk assessment questions that end users and personnel responsible for procurements can inquire of NEMA member companies.  This document serves as a reference point for further conversations and discussions in a cybersecurity risk assessment.
• Harmonized Cybersecurity Standards and Conformity Assessment (NEMA CPSP 4-2021)
  This document emphasizes the need for globally harmonized industry consensus around cybersecurity process standards and conformity assessments.
• Supply Chain Best Practices (NEMA CPSP 1-2021)
  Supply chain best practices and guidelines for manufacturers to implement during product development to minimize the possibility of bugs, malware, viruses, and other exploits that negatively impact product operation.
• Cyber Hygiene Best Practices for Manufacturers (NEMA CPSP 2-2018)
  Industry best practices and guidelines to improve cybersecurity sophistication in manufacturing facilities and engineering processes.
• Cyber Hygiene Best Practices for End-Users (NEMA CPSP 3-2019)
  Industry best practices and guidelines for electrical and medical imaging manufacturers’ customers to raise their level of cybersecurity sophistication as they utilize connected equipment.

News

• NEMA Publishes Whitepaper Emphasizing Harmonized Cybersecurity Standards
• NEMA Publishes Revision to Supply Chain Best Practices White Paper
• NEMA Identifies Best Practices to help Electroindustry Improve Customer Cybersecurity