Chief FERC auditor: Smart grid security critically important
SUBNET Solutions Inc | Thursday, June 30, 2011
During a speech he recently delivered, Federal Energy Regulatory Commission (FERC) branch chief Stephen Flanagan spoke about critical infrastructure protection (CIP), with an emphasis on the changes that must be made to help ensure the efficacy of the U.S. power supply network.
In his address, Flanagan affirmed that there are a number of reasons why utilities are failing to properly protect against cyber security attacks. Among them, he said, is a corporate culture that emphasizes compliance, but does not proactively work to implement cutting-edge technologies that could better protect against hacking attempts.
Flanagan told attendees at the conference he spoke at that instead of using the word "compliance," he prefers "commitment" as it shows an engagement and involvement to work to protect against the threat of cyber security breaches. While some executives may have downplayed the potentially devastating effects of data security breaches in the past, recent cyber security attacks on companies like Sony have shown how millions of dollars can be lost to hackers.
"A culture of commitment will impact the manner in which the CIP program is implemented in an entity and therefore the success of failure of the effort," he said.
Moreover, Flanagan said that utilities dealing in power generation, transmission and distribution had to develop cyber security regulations because groups publicly declared their intentions to disrupt its operations. This, he said, differs from many other industries that implemented such protocols to protect against financial and data theft.
"The CIP standards were put in place to address a concern regarding the vulnerabilities of the electric power grid to threats by parties seeking to deliberately adversely impact reliability," Flanagan affirmed. " I think that at this point in time there are few people who do not believe that such threats are real and perhaps becoming more serious with the passage of time."
Flanagan said that ultimately senior management needs to be committed and engaged in the implementation of cyber security measures to ensure their success. Funding for such programs must also be available to achieve goal-oriented tasks, he asserted, and staffing should be directed to help achieve the stated goals of a network security team. The U.S. power supply network is a prime target for cyber criminals, according to Flanagan, and great care must be taken to help protect it.
"These are times of great challenge and great opportunity," he said. "Not only the present but the future is at stake."
Substation Cyber Security
Substation Automation & Remote Access