Blog: Taking Stock of Cyber Threats to the Electric Grid and Public Power

CMUA
CMUA
Jul 27, 2017 · 2 min read

Debates are hot on whether Russia hacked into and influenced the 2016 presidential election. We may never know the full truth on that, but there’s something closer to home impacting electric utilities. Have you noticed the increasing number of headlines about cybersecurity and the U.S. electric grid? They’re hard to miss if you spend even a small amount of time browsing the online news.

Hackers targeting a nuclear power plant in Kansas. A July report from the National Academies warning of the gird’s vulnerability to cyberattacks. New data about a cyberattack that hit Ukraine’s power grid in 2015. Major U.S. tech companies launching new software programs to help protect utilities.

There’s a new story like this nearly every day, it seems.

But for those of us in the public power industry, these aren’t revelations. We’ve known for many years that the nation’s electric grid is a prominent target for cyberattacks, and that sophisticated hackers are going to great lengths to find potential vulnerabilities in the system.

What appears to have changed recently, though, is there’s much more public awareness and conversation — thanks in part to those news stories — about securing the U.S. electric grid.

There is an upside of sorts that comes with added scrutiny. One could argue there’s no better time than now to explain to consumers how publicly owned utilities are taking steps to protect the critical infrastructure in their communities.

California POUs are assessing risks, formulating strategies for resiliency, conducting onsite vulnerability testing and participating in tabletop exercises, piloting new technology, and sharing information about risks among themselves. Much has been done, and those involved acknowledge we need to stay vigilant.

It’s on us to tell our story, within reason.

The public, to the extent possible and without revealing confidential data, should have a basic idea of what we’re doing to keep the lights on and protect against cyber-incidents that could someday lead to an outage. We’re working diligently to meet the challenge, and we should communicate that to our customers when it’s appropriate.

Thankfully, CMUA members are not alone in this endeavor. Organizations across the country such as the American Public Power Association and agencies like the U.S. Department of Energy are leading the way to improved cyber preparedness and response. Under a joint program, APPA and DOE are developing resources and toolsets to help public utilities to improve their cybersecurity posture.

Meanwhile, a feature story in APPA’s fall 2017 magazine discusses how “cyber hygiene” — training staff to avoid clicking on emails and files that could harbor malware or other intrusive — is vital for protecting internal digital systems.

Cybersecurity starts with us, and we’re all in this together.

CMUA

Written by

CMUA

The California Municipal Utilities Association represents the common interests of a diverse coalition of California’s publicly owned utilities.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade