FINLEY NEWSLETTERS

THE GRID

COMMUNIQUE

Social Links

Report Highlights Growing Power Infrastructure CyberSecurity Concerns

November 20, 2015 By Finley Engineering in

As the number of devices connected to the Internet and other digital networks multiplies, so do the opportunities for cybercrime. Such concerns are particularly acute when it comes to critical public infrastructure such as energy grids and telecom networks. Recent legislation designed to increase information sharing between electric utilities and government are among important recent developments, management consultants ScottMadden highlights in its most recentEnergy Industry Update.

In a press release , ScottMadden partner and information technology practice area leader Jon Kerner notes the importance of the Senate passing the Cybersecurity Information Sharing Act. The Act is intended to remove barriers to the flow of information between the federal government and the nation’s electric utilities regarding critical power infrastructure.

“Industry cybersecurity information sharing is a valuable way to obtain actionable and timely threat intelligence, but liability concerns prevent this information from flowing freely between energy stakeholders,¨ he commented.

Surveying electric utility industry participants, ScottMadden found that opinions varied as to the clarity and comprehensiveness of the federal government’s strategy to better secure power grid infrastructure and supplies. That said, nearly half believe the federal government should find ways to better share and exchange information with private-sector companies responsible for critical power infrastructure.

Forty-four percent said the federal government should assemble and publicize a ¨black list¨ of vendors whose products have been found to have poor security features. Four in 10 said the government should limit utilities purchasing IT to vendors that have demonstrated their products have a superior level of security.

Likewise, 4 in 10 said the federal government should enact stricter cybersecurity legislation, similar to that of Payment Card Industry standards (PCI). Nearly as many, 38 percent, said federal legislation that imposes high fines for data breaches should be enacted.