When it Comes to IT Security, Hope for the Best and Prepare for the Worst

Posted by Ming Jan Sam Thu, 29 Aug 2013 12:45:00 GMT

It has been 10 years since the August 2003 power outage that left 50 million people in the Northwestern part of the United States and Canada without power for days. Since then, U.S. power companies have implemented disaster recovery plans to prevent such a nightmare from occurring a second time.

However, power companies must also prepare for a disaster with more complicated repercussions. An article by NPR paints a picture of a cyber threat that could shut down key parts of electric grid equipment. Because most electric grids are controlled remotely via computers that are connected to the internet, it is inevitable that computer hackers will stealthily work their way into the systems of power plants.

The North American Electric Reliability Corporation (NERC), an industry organization that creates standards for power companies, created voluntary cyber security standards to help guide power companies toward better IT security. However, most power companies failed to implement these standards, as doing so would cost millions. These same power companies are opposed to NERC creating mandatory cyber security standards.

As computer hackers become more sophisticated, the power grid becomes an increasingly easy target. Although redesigning the grid may make it less vulnerable, it is also extremely expensive. Despite the pushback from some power companies, it is important for each of them to hope that a cyber attack never happens, yet still prepare for the worst.

What are your thoughts on NERC’s efforts to legislate mandatory cyber security standards? Please share in the comments below.
