
Digital Utility Group
The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation.
Shared Link
FERC considers transmission incentives for voluntary cybersecurity investments
FERC has issued a white paper and is requesting public comments on its proposed framework to incentivize cybersecurity investments in the Bulk Electric System (BES). The paper is available from FERC.
I've found that the paper represents an acknowledgement that more can be done to protect our electricity supply from cyber threats (i.e. malware and other harmful items). The NERC CIP standards are a "baseline" (e.g. minimum) set of requirements that simply don't reach the level of security controls that are warranted to deter a serious attack on the software supply chain, and greater protections are needed for the BES to remain safe, as indicated by this FERC work paper. Command and control are the "beating heart" that keeps the electricity supply running smoothly, but it is the software "brain" that is vital to this command and control operation and both must be protected from dangerous parties with an incentive to disrupt our vital supply of electricity. It is incumbent on all of us to let FERC know that we support their recommendations to protect our electric supply by ensuring that the heart and brain of the system remains safe from harm so that life saving electricity continues to flow. I will leave you with this excerpt from the FERC white paper: "augmenting the current CIP Reliability Standards with an incentive-based approach under FPA section 219 that encourages utilities to undertake cybersecurity investments on a voluntary basis
may have significant benefits."
Never trust software, always verify and report!™
Please consider filing your comments with FERC on docket AD20-19-000.
FERC considers transmission incentives for voluntary cybersecurity investments
Experts say the existing standards create a baseline of security but a market-based approach could spur significant new investments including enhanced use of cloud-based computing systems.
Discussions
No discussions yet. Start a discussion below.
Get Published - Build a Following
The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.
If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.
Sign in to Participate