Public-private collaboration to protect our infrastructure.
Henry S. (Hank) Kenchington is deputy assistant secretary at the U.S. Department of Energy’s Office of Electricity Delivery and Energy Reliability. Carol Hawk is a program manager in the office. Darren R. Highfill is founder of UtiliSec, an independent utility security consultancy. Jack Eisenhauer is president and CEO of consulting firm Nexight Group LLC, and Lindsay Kishter is a communications specialist with the firm. This is the second of a two-part article edited from the authors’ report, Cyber Security for the Smart Grid, scheduled for publication on Fortnightly.com (www.Fortnightly.com/whitepapers.cfm). The first part was published in Fortnightly’s July 2011 issue.
Intelligent systems and two-way communications are bringing a host of advancements to the utility industry, from time-of-use metering to faster outage detection and service restoration. But this smart grid also presents new cyber security challenges, as malicious actors and malware threaten customer privacy and grid operations.
The utility industry faces threats in several operational domains, such as transmission, distribution and home area networks (see “Securing Tomorrow’s Grid (Part I)”). Securing these domains to manage cyber threats requires close collaboration among a wide range of stakeholders—including utility companies, equipment and technology vendors, regulatory agencies, and researchers at national laboratories and universities.
These stakeholders already have made substantial progress toward characterizing and tracking cyber risks, and public-private partnerships are working to address these risks. As the industry develops and implements smart grid systems across multiple utility domains, continued commitment will be critical for mitigating immediate threats, while also planning for the long-term requirements of a modernized electric grid.