From: ECT.coop
By Michael W. Kahn
When it comes to cyber security at your electric cooperative, there’s no such thing as too much.
“Your co-op needs to do as much as you can today on cyber security, whether it’s required or not,” said Barry Lawson, NRECA associate director, power delivery and reliability. He stressed that the need for co-ops to up their game on cyber security is real, not some TV hype.
“We all are vulnerable. People are trying to find information—Social Security numbers, credit card numbers, other personal information. Your cooperative most likely has some of that information on your members,” Lawson told an April 29 panel at the 2013 NRECA Legislative Conference. “Your members, I believe, expect that you will take prudent steps in these areas.”
He stressed that “it’s not just looking at worst-case scenarios like someone attempting to take control over the grid. More so, in many, many ways, it’s about protecting information, whether it be member info, financial information about your cooperative, or proprietary plans.”
Lawson said even the smallest distribution co-ops need to “understand what the best practices are, understand what the best standards are, and use those to the extent today that you can.” Today’s preparations will pay off down the road.
“When things start to ramp up, and smaller entities start getting impacted by new laws and regulations, you will be in a much better place,” Lawson said.
Addressing co-ops that already place a strong emphasis on cyber security, Lawson cautioned against complacency.
“It doesn’t mean we’re done. It doesn’t mean we don’t have to keep improving.”
Lawson also discussed the emerging cyber security insurance market.
“It is so very difficult today to quantify the risks and to determine how likely those risks are to be infiltrated, and what kind of damage, from a financial standpoint, we’d have,” Lawson said. But, he added, it is likely that down the road, lenders will require either cyber security insurance, or verification that certain security measures are in place.
Also at the forum, Laura Marshall Schepis, NRECA senior director, legislative affairs, noted that on April 18, the House of Representatives passed the Cyber Intelligence Sharing and Protection Act. The measure aims to make the sharing of cyber threat information a two-way street between the federal government and the private sector, including co-ops.
“Information is the life blood of a grid protection program. And our agency partners have gotten better over the last five or seven years at trusting us and sharing information. But our goal is real-time collaboration,” Schepis said. “We need to be able to have very close, very coordinated communications with our federal partners.”
As the bill heads to the Senate, Legislative Conference participants were urged to tell their senators what they like about it, and what they want to see in a Senate bill.
Leave a Reply