Cybersecurity

Of 257 cyber incidents reported by asset owners or trusted partners to the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in 2013, an overwhelming 56% occurred in the energy sector, exceeding all incidents reported in other sectors combined.  Notably, ICS-CERT last year responded to a “major cyber intrusion campaign” from […]

The Federal Energy Regulatory Commission (FERC) on Friday directed the North American Electric Reliability Corporation (NERC) to develop reliability standards requiring owners and operators of the bulk power system to address risks due to physical security threats and vulnerabilities.  The standards will require owners and operators of the bulk power system to take at least […]

At a keynote address at CERAweek 2014 in Houston, Energy Secretary Ernest Moniz reiterated the Obama administration’s support for all U.S. fuel sources while pursuing a low-carbon future but rarely mentioned nuclear power. Prompted by POWERnews, Moniz later outlined the administration’s actions to address spent nuclear waste.  Following the D.C. Circuit’s ruling in November 2013 […]

The National Institute of Standards and Technology (NIST) today released its final version of a national framework for improving critical infrastructure cybersecurity. The “living” document will be updated as industry reports back on its implementation. The “Framework for Improving Critical Infrastructure Cybersecurity” is essentially composed of a core, tiers, and profiles. The core presents five […]

What’s the utility of the future going to look like within two or three decades? That was a question put to former Duke Energy CEO Jim Rogers, Great Plains CEO Mike Chesser, and former chairman of the Colorado Public Utilities Commission Ron Binz by the head of the Brookings Institute’s Energy Security Initiative (ESI) last […]

A year ago, on Feb. 12, 2013, President Obama issued Executive Order 13636, titled “Improving Critical Infrastructure Cybersecurity.” The Executive Order instructed the National Institute of Standards and

Cybersecurity has become a topic of interest over the past year in generation, owing to new developments in North American Electric Reliability Corp. Critical Infrastructure Protection (NERC CIP) regulations

The Department of Energy (DOE) has awarded the National Rural Electric Cooperative Association (NRECA) $3.6 million to research and develop virtual, cloud-based cybersecurity management tools for small, resource-constrained utilities. NRECA and Honeywell Corp. will provide matching funds for a total of $4.7 million. NRECA will collaborate with Pacific Northwest National Laboratories, Carnegie Mellon University, Honeywell […]

About $30 million will be spent on the development of new tools and technologies to strengthen protection of the nation’s electric grid and oil and gas infrastructure from cyber attack, the Department of Energy (DOE) announced today. The funds will go to 11 projects undertaken by energy sector organizations in California, Georgia, New Jersey, North […]

“One company’s [NERC CIP] violation can be another company’s lesson learned.” That was just one of the comments during opening presentations at the EnergySec Summit in Denver this week that focused on the fact that human behavioral change is as important as advanced technology solutions for securing the North American electricity system—and energy systems globally. […]

What do editors and energy industry cybersecurity experts have in common? They both recognize the importance of language. Specifically, presenters and participants in workshops at the EnergySec Summit in Denver this week provided guidance and asked questions about terms, definitions, and interpretations of everything from generic concepts (“What is a framework?”) to specific words used […]

A discussion draft of a preliminary cybersecurity framework posted by the National Institute of Standards and Technology (NIST) last week outlines several functions to protect industrial control systems, but it acknowledges that the power sector already engages in several cybersecurity practices and recommends that utilities opting to use the framework should leverage these rather than […]