State commissions can select from a toolkit of regulatory approaches to promote desired utility cybersecurity behavior. One approach is to allow the industry to selfregulate, and another approach...
Protecting critical assets in a hazardous world.
spreading rumors about attacks on major energy infrastructure facilities ( e.g., gas or oil pipelines), which could lead to unexpected shortages in power or gas and at least for a short time cause disruptions or blackouts.
Fortunately, the public, lawmakers, and regulators in Washington D.C. are becoming increasingly well informed about to threats and vulnerabilities of the nation’s critical infrastructure. A determined and collaborative effort driven by regulators, security vendors, industry leaders and politicians is required to protect our nation’s critical infrastructure against disruptions and attacks. While the most recent government initiatives are a step in the right direction, legislation has proven to be too slow to respond to rapidly evolving threats.
Thus, it lies in the hands of energy companies to raise awareness of the risk of cyber attacks and take appropriate action.
4. “In the Dark: Crucial Industries Confront Cyberattacks,” McAfee and Center for Strategic & International Studies, November 2010.
5. “‘ Night Dragon’ Attacks from China Strike Energy Companies ,” www.pcworld.com, Feb. 10, 2011.
6. “ Wikileaks: Chinese Govt Helped Coordinate Google Attack ,” www.pcmag.com, Nov. 29, 2010.
8. “21 Steps to Improve Cyber Security of SCADA Networks,” Office of Energy Assurance, Office of Independent Oversight And Performance Assurance, U.S. Department of Energy.
9. “Project Grey Goose Report on Critical Infrastructure: Attacks, Actors, and Emerging Threats,” Greylogic, Jan. 21, 2010.