Library   Cybersecurity

‘Catastrophic’ Cyberattack Could Hit Utilities like PG&E

Marin Independent Journal, 3/15/2013: Hackers are increasingly targeting electric, natural gas and other vital utilities, threatening a disaster of epic proportions that experts say firms are doing too little to guard against. …

The California Public Utilities Commission is considering rules to bolster cybersecurity protections. The agency…warned in a recent report that utilities are becoming increasingly vulnerable as their networks add smart meters and other computerized gear.

Read more

Cybersecurity and the Evolving Role of State Regulation

Cybersecurity and the Evolving Role of State Regulation: How it Impacts the California Public Utilities Commission

As the State moves forward with grid modernization, utilities must design and implement both cyber and physical security policies that protect public safety, enhance the reliability and resiliency of the grid and protect customer privacy from cyber threats, and do so cost-effectively.

Read more

Cyber Security Concerns for Local Government Energy Assurance Planning

PTI presented this webinar October 18, 2011.

Because cyber security concerns are usually handled by Internet-focused industries and IT departments, local governments may not typically consider vulnerabilities of computer systems to unauthorized use or attack.

Read more

2012 National Preparedness Report

Federal Emergency Management Agency

The 2012 National Preparedness Report (NPR) summarizes how prepared we are as a Nation. It focuses on five mission areas: Prevention, Protection, Mitigation, Response, and Recovery. These mission areas organize the 31 core capabilities needed to achieve the National Preparedness Goal.

Read more

Cyber Security Resources

InfraGard FBI Cyber Security Collaboration

Smart Grid Cyber Security Blog

Smart Grid Cyber Security Strategy and Requirements
DRAFT NISTIR 7628 Cyber Security Coordination Task Group, Advanced Security Acceleration Project Smart Grid (September 2009)

National Electric Reliability Corp. Standard CIP-001-1
Sabotage Reporting (January 2007)

Roadmap to Secure Control Systems in the Energy Sector, Department of Energy and Department of Homeland Security (January 2006)

Cyber Assessment Methods for SCADA Security, Idaho National Laboratory (2005)

Security Guidelines for the Petroleum Industry, American Petroleum Institute

A Comparison of Oil and Gas Segment Cyber Security Standards, Idaho National Engineering and Environmental Laboratory (November 2004)

Cyber Security Shortchanged in US Smart Grid Push

The Energy Department’s January 2012 audit of Smart Grid programs found deficiencies in cybersecurity planning.

According to Risk Factor, a blog from the Institute of Electrical and Electronics Engineers (IEEE), “The audit found that in the Department’s rush to push $3.5 billion in smart grid stimulus grant money out to US utilities, they didn’t do such a good job of ensuring that effective cyber security controls were in place.” Thirty-six of 99 cybersecurity approaches submitted lacked one or more required elements.

Read more at this link. The audit is available in PDF format at this link.

Cybersecurity Concerns for LEAP Planning

Because cybersecurity concerns are usually handled by Internet-focused industries and IT departments, local governments may not typically consider vulnerabilities of computer systems to unauthorized use or attack.

However, with the increased use of interconnected, Internet-based technology in the energy industry, and with recent attempts to harm energy-sector control systems, cybersecurity is an increasing concern for energy assurance planners.

To mitigate the risk of cyber attack, it is necessary to harden computer and information systems by making them less vulnerable to external influences. This 15-page LEAP guidance document from PTI outlines cybersecurity standards, practices and concerns relevant to local energy assurance.

Download this document
California Energy Commission & U.S. Dept. of Energy

Sponsored by the California Energy Commission through the U.S. Department of Energy
Website by ICF International and Public Technology Institute