The Nuclear Regulatory Commission has issued a final policy statement on its intended approach to nuclear plant licensees as the electric industry moves toward greater competition.
physical and cyber security, and risk management, all under the management of a chief risk officer. By doing so, security issues would get attention at the executive level. Tyler suspects less than half of all utilities have made that kind of organizational change.
Scalingi agrees. Cutting across the stovepipes-the different physical, cyber, and other security departments-enhances a company's overall ability to meet any kind of threat, she says. Scalingi sees some companies integrating their security efforts, "but it's precious few."
So, two years after 9/11, the industry is now more aware of its security problems. But it has spent relatively little money to fix them. The real-time systems that form the backbone of the industry are still vulnerable to cyber attack. At least half of the companies in the industry have yet to organize their security function to make it a top management issue, instead of an afterthought. And compulsory standards for cyber security likely won't emerge any time soon.
Is this any way to run a network?
Articles found on this page are available to subscribers only. For more information about obtaining a username and password, please call our Customer Service Department at 1-800-368-5001.