NERC CIP-003 mandates specific policies and procedures for handling removable media and transient cyber assets to bolster cybersecurity measures within the defined Electronic Security Perimeter

NERC CIP-003's transient cyber asset portion includes measures to identify and protect critical cyber assets that have a temporary or intermittent connection to the control system network, ensuring their security during the time they are connected and minimizing potential vulnerabilities that could be exploited within the North American electricity industry.