The Federal Energy Regulatory Commission (FERC) has issued regulation Order No. 676-K which integrates updates to the North American Energy Standards Board’s (NAESB) WEQ-012 Public Key Infrastructure (PKI) standards, implemented to strengthen cybersecurity across wholesale electricity operations. Core applications like OASIS, eTagging, and the Electric Industry Registry (EIR) rely on these standards, making the choice of an authorized Certificate Authority (CA) crucial for compliance and security.
Enhanced WEQ-012 Standards
NAESB’s WEQ-012 standards establish the cybersecurity framework for securing critical applications in the wholesale electricity market. Key applications requiring certificates issued by a NAESB-authorized CA include:
- OASIS: Ensures secure transmission scheduling and equitable access
- eTagging: Protects real-time data for energy interchange coordination
- EIR: Secures sensitive market participant and grid operator information
These updates emphasize two use cases beyond the original User Authentication use case which WEQ-012 PKI was created to address:
- Server-side and Transport Layer security Certificates (TLS) for encrypted communications
- Code-signing certificates to verify software and executable integrity, aiding compliance with NERC CIP-010 standards
Selecting a Trusted NAESB-Authorized CA
Through selecting the right CA, organizations can ensure compliance with WEQ-012 and position themselves for resilience and scalability. Key considerations include:
1. Shortened Certificate Validity
As certificate lifespans shorten to enhance security, managing frequent renewals is critical. Organizations should seek a CA that offers:
- Automated issuance and lifecycle management to reduce administrative overhead on already strained IT teams
- Reliable support for seamless renewal processes to avoid service disruptions to mission critical infrastructure applications
2. Certificate Lifecycle Management
The right CA should provide centralized tools for:
- Automated certificate issuance, revocation, and renewal
- End-to-end visibility to maintain operational continuity and compliance
3. Future-Proofing for Scalability
WEQ participants should look for Certificate Authorities that support both NAESB and non-NAESB use cases such as securing DevOps work-flows, IoT endpoints and secure document exchange, ensuring compatibility with evolving cybersecurity and operational needs. This includes integration with cloud services to support expanding infrastructure and certificate demands.
Why Choose GlobalSign?
GlobalSign has been a trusted NAESB-authorized Certificate Authority (CA) since 2013, actively participating in the development of NAESB standards. With a proven track record and deep expertise, GlobalSign offers:
- Comprehensive Compliance: Ensures participants meet WEQ-012 requirements while staying agile in an evolving threat landscape
- Automation and Scalability: Its cloud-based platform supports automated Certificate Lifecycle Management, reducing manual intervention and ensuring compliance with shorter certificate validity
- Future-Ready Solutions: Scalable options for NAESB and broader IT security needs, providing flexibility for diverse applications
- Expertise in NAESB Standards: As an active contributor to NAESB’s standard development, GlobalSign is well-positioned to guide participants through regulatory and cybersecurity updates
Key Takeaways
The enhanced WEQ-012 standards reflect the growing importance of cybersecurity in the wholesale electricity market. To meet compliance deadlines - 12 months for WEQ-012 and 18 months for remaining standards - FERC regulated organizations must act quickly to integrate these standards into their operations.
Choosing a trusted CA like GlobalSign ensures compliance while providing the tools needed to navigate the evolving threat landscape. As a long-standing NAESB-authorized CA with a focus on innovation and automation, GlobalSign helps organizations not only to meet today’s challenges but ensure that they are prepared for the future.
Future-proof your cybersecurity and FERC compliance strategy with GlobalSign - a trusted partner
