Analysts: Ineffective NERC incapable of protecting smart grid; cybersecurity threats grow
SUBNET Solutions Inc | Friday, May 20, 2011
Among other responsibilities, the North American Reliability Corporation (NERC) is charged with developing and implementing policies that protect the smart grid. According to a number of industry watchers, the organization is hardly as effective as it needs to be to ensure that critical infrastructure is protected from cybersecurity threats.
Analysts as well as U.S. policymakers have questioned whether cybersecurity mandates are keeping pace with the smart grid's rapid development. U.S. Senator Richard Burr of North Carolina recently said that the cybersecurity threat is so real that he recommended utilities slow their investment into the smart grid until proper guidelines are established.
Moreover, a number of industry watchers assert that while NERC is trying to effectively protect the smart grid, it is ultimately ineffective.
In fact, SUBNET director of marketing Brian Neufeld recently conducted an informal poll through the networking site LinkedIn, asking industry professionals whether NERC is capable of protecting the smart gird, with the results showing thus far that many analysts lack confidence in its ability to do so.
For example, of the 24 smart grid professionals who have responded thus far, 58 percent of respondents affirmed that NERC is ineffective in its role as a smart grid watch dog. Further, 21 percent thought NERC has been somewhat successful; 17 percent contended it is moving in the right direction to properly protect the smart grid; and only 4 percent said it is making good progress in securing the smart grid.
Tim Roxey, NERC's director of risk assessment and technology, acknowledges that as a country the U.S. has to shift its view toward security and compliance.
"Security and compliance are spelled differently in the English language because they actually mean different things," he said during a conference this month. "We have a culture of compliance when we should really have a culture of security."
Roxey's worries mirror those of industry watchers who fear that the smart grid will continue to be targeted by hackers as it becomes increasingly complex and as the U.S. relies more heavily on it to monitor the flow of electricity. Roxey told industry professionals during a recent speaking engagement that now more than ever the U.S. needs to address the smart grid's vulnerability to attack.
"It's almost impossible for a company to remain compliant, let alone secure, because of the complexity," Roxey warned.
Substation Cyber Security
Substation Automation & Remote Access