State commissions can select from a toolkit of regulatory approaches to promote desired utility cybersecurity behavior. One approach is to allow the industry to selfregulate, and another approach...
Better Safe Than Compliant
Protecting the smart grid requires a broader strategy.
open new vulnerabilities to attacks on the confidentiality, integrity and availability of data belonging to individuals, businesses, organizations and governmental units. Utilities must develop new protection processes to complement those already in place to protect systems and other assets, in order to be better prepared to address not only deliberate attacks from disgruntled employees, competitors and terrorists, but also inadvertent compromises of information due to errors, equipment failures and natural disasters.
With a secure and reliable communications infrastructure incorporating a tiered, risk-based defense system and available tools and standards, it will be entirely feasible to have a smart grid that is as smart as it should be from end to end.
And on the way to that point, the entire utility industry will learn that security is the life of compliance.
1. RSA Conference 2011, San Francisco.