Podcasts

Leadership Lyceum

Leadership Lyceum: A CEO’s Virtual Mentor

This podcast series focuses on corporate and industry strategy and trends from the direct vantage point of key industry leaders. Subscribe to the podcast at Apple iTunes. Interviews with Tom Fanning and Bob Flexon are available, as well as one with Joe Rigby, Bob Skaggs and Les Silverman.

See Podcasts

Public Utilities Reports

PUR Guide Fully Updated Version

Available NOW!
PUR Guide

This comprehensive self-study certification course is designed to teach the novice or pro everything they need to understand and succeed in every phase of the public utilities business.

Order Now

Cybersecurity, Part 1

Opportunities and Challenges for State Utility Regulators

Fortnightly Magazine - February 2017
This full article is only accessible by current subscribers. Please login to view the full content.
Not a subscriber yet? Click here to subscribe for one year of Fortnightly Magazine, and gain access to the entire Fortnightly article database online.

Public utility companies touch nearly every person's life on a daily basis through the transmission, distribution and consumption of gas, electricity and water. They also increasingly rely on networked technology to conduct their business.

However, attackers are acting faster, becoming more sophisticated, and getting more strategic in their attacks, including their abilities to navigate the increased complexity and connectivity of critical infrastructure systems.

The U.S. Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) recently reported that the energy sector has become the biggest cybersecurity target in America. The ICS-CERT 2015 Incident Response Statistics Report accounted for two hundred ninety-five energy sector-related incidents last year alone.

"State commissioners have not traditionally regulated cyber; many are now grappling with the proper role." – Sherina Maye Edwards

Last year, a Lloyd's of London report found that a widespread attack on the U.S. grid could lead to an economic loss ranging from two hundred forty-three billion up to a trillion dollars. Fallout could include a rise in mortality rates, a decline in trade, disruption to water supplies and transportation chaos.

As utility infrastructure becomes increasingly automated, ensuring the security of critical energy infrastructure is becoming a major concern. Not just for the companies that own and operate such assets, but also for the local, state and federal regulators tasked with ensuring the safety, reliability and cost-effectiveness of the services delivered as well.

While state commissioners have not traditionally regulated this area, many are now grappling with the proper role to play. This article examines the evolving role of state regulators in addressing cybersecurity in the energy sector.

It highlights the importance of developing state regulatory processes that promote efficiency, maintain confidentiality, consider affordability and incentivize investment, while ensuring both the cost-effectiveness and security of utility infrastructure.

Where Are We Now?

While some of the first cyber attacks on infrastructure date back to the 1980's, the Stuxnet worm is widely considered to be the most sophisticated contemporary attack. In 2010, it was discovered that the Stuxnet worm had targeted industrial control systems in Iran by installing a highly specialized malware designed to target SCADA systems that controlled industrial facilities such as power plants, dams and waste processing systems.

This allowed attackers to

This full article is only accessible by current subscribers. Please login to view the full content.
Not a subscriber yet? Click here to subscribe for one year of Fortnightly Magazine, and gain access to the entire Fortnightly article database online.