The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 


Protecting Bulk and Low-Impact Electricity Carriers Amid a Profusion of Cyber Threats

Andrew Burger's picture
Man Friday Energy Ventures

I've worked a pretty diverse range of jobs around the world over the years. I feel fortunate to have found vital, satisfying work, and a career reporting, editing and researching developments in...

  • Member since 2015
  • 490 items added with 490,442 views
  • Nov 16, 2017

Cyber security is always a primary concern in today's world of ubiquitous, “always on” network connectivity. When it comes to power and energy infrastructure those concerns reach the level of national security. Having issued a rule governing cyber security standards for bulk electricity carriers, i.e. the power grid, FERC is now fielding public comments on a proposed new cyber security rule for low-impact carriers. 

Energy Central got in touch with Nozomi Networks' Chief Marketing Officer Kim Legelis to gain and share insights regarding the latest developments to do with power grid cyber security, and more specifically, the ripple effects of FERC's new rules on low-impact bulk electricity carriers.
New power grid cyber security rules

The Federal Energy Regulatory Commission (FERC) on Jan. 21, 2016 established its final rule governing cybersecurity for large, bulk electric carriers, otherwise known as the power grid.  

At the same time, it also instructed the North American Electric Reliability Corp. (NERC) to modify the new rule in order to protect electronic devices used at low-impact bulk electric systems, as well as communication network components linking control centers. Lastly, FERC directed NAERC to refine the definition of low-impact external routable connectivity. 

FERC proposed a new rule governing cyber security at low-impact bulk carriers on Oct. 19. According to FERC: “The proposed standard improves upon the current Commission-approved CIP standards by clarifying the obligations that pertain to electronic access control for low-impact cyber systems; adopting mandatory security controls for transient electronic devices, such as thumb drives and laptop computers; and requiring responsible entities to have a policy for declaring and responding to CIP exceptional circumstances related to low-impact cyber systems.”

Nozomi Networks' mainstay line of business is industrial cyber security, critical infrastructure more particularly. Undergoing a digital transformation, cyber security in both the power and energy industry sectors is a growing facet of the San Francisco, CA-based company's activities. 

A top-down approach

FERC's latest power grid cyber security rule making shouldn't have, and didn't, come as a surprise to Nozomi, or its power industry clients, Legelis said in an interview. “There's an enormous amount of concern regarding the security of the power grid at present, and FERC is playing a critical role in addressing this issue comprehensively at the national level,” she told Energy Central. 

“FERC works from the top down, establishing the ground rules for the big guys first, then moving forward and extending them to cover the power grid sector, and participants, in its entirety.” That's really as it should be, she added, instituting new rules for the largest US utilities first conveys the greater impact. 

That said, low-impact bulk carriers are key power providers and substantially important in their own right, particularly when it comes to cyber security threats. For one thing, smaller, local utilities might look like more vulnerable, and hence more attractive, targets to cyber saboteurs, terrorists or criminals. 

Moreover, the proliferation of power and energy Internet of Things devices and networks can open up new avenues for cyber criminals to exploit. Invading a smaller utility's network might ultimately give them the ability to access, even take control of a bulk carrier's grid system. 

And when all is said and done, it doesn't really matter whether your power is being supplied by a bulk or low-impact carrier. Losing grid power or discovering on-site power equipment, devices and/or private information might be compromised can be a critically serious issue. 

Cyber threats to the power grid are real and the issue is not being blow out of proportion, according to Legelis. They are growing in number and increasing in complexity and frequency, as well as with regard to their objectives.

Guarded optimism 

Despite all that, Legelis is optimistic regarding power sector participants' capacity to mitigate the risks and detect and prevent power grid cyber threats. 

“Yes, we are seeing cyber attackers targeting upwards across the network, to gain control of an entire power grid, as has been the case twice in two consecutive years now in Ukraine. Their success rate is pretty low when you consider the total number of power companies in operation globally, but we know that any successful attempt could be catastrophic.”

Furthermore, perceptions of cyber security, and resulting actions taken, throughout the power sector over the past 10 years give Legelis cause for optimism. 

“There were lots of difficulties in instituting regulatory programs 10 years ago. Over time, utilities have become more concerned about cyber security, particularly with regard to issues like public safety, as well as the operational impacts cyber threats pose for their assets, operations and the power grid. 

The good news is that the heightened attention power sector participants are paying to cyber security, along with ongoing advances in and deployment of industry-specific cyber security technology, is yielding positive results and benefits. That's particularly the case among low-impact bulk carriers, who can now take advantage of the latest in custom designed, built and installed power industry cyber threat defense systems and wind up with the same level and degree of cyber security that large, bulk carriers can afford. 

Nozomi, for example, has been working closely with Vermont Electric Co-op to deploy the latest version of Nozomi's SCADAguardian cyber and operational security platform. 

“We’re working with Nozomi Networks because their deep industrial cyber security expertise is embedded in one clean, comprehensive solution, from network modeling to process anomaly and intrusion detection. With Nozomi Networks we’re investing in the future reliability and efficiency of our operations,” Vermont Electric's SCADA and Operations Engineering Manager Kris Smith was quoted in a press release. 

Energy Central discussed Nozomi's work with Vermont Electric Co-op in further detail, a report of which will appear in part two of this post.

Andrew Burger's picture
Thank Andrew for the Post!
Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.
More posts from this member
Spell checking: Press the CTRL or COMMAND key then click on the underlined misspelled word.

No discussions yet. Start a discussion below.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »