Coverage on National Commision on Grid Resilience’s (NCGR) Latest Report

The following is press coverage on the NCGR’s new report, courtesy of UtilityDive.com.

 

Dive Brief:

A new report from the National Commission on Grid Resilience (NCGR) calls for declassifying and giving utilities greater access to information about threats facing the United States’ electric system, to better protect critical infrastructure and communicate the extent of the risk to the public and decision-makers.

The report recommends Congress develop a new independent agency staffed by cybersecurity and defense experts, and “a profound overhaul of the communication of classified threat information to utilities.”

The call for greater information sharing with the electric industry is not new, but security experts questioned the need for a new federal agency when similar work is already being done by the Electricity Subsector Coordinating Council (ESCC) and NERC’s Electricity Information Sharing and Analysis Center (E-ISAC).

 

Dive Insight:

There is some risk in declassifying threat information, experts concede, as it may tip off foreign adversaries to the electric sector’s defense capabilities and the United States’ information gathering processes. However, as attempts to disrupt the power grid become more sophisticated, NCGR’s analysis views this as a necessary tradeoff to better inform the industry of the growing threat.

“This is a national security threat, but it’s not widely recognized by the American people. And even the people who should be charged with protecting us from it, often don’t get the information they need,” retired General Wesley Clark said Thursday at a public virtual event unveiling the commission’s recommendations.

Clark is an NCGR commissioner, along with former Republican Rep. Darrell Issa from California; Kevin Knobloch, a former DOE chief of staff who is now president of Anbaric offshore wind development entity New York OceanGrid LLC; Gueta Maria Mezzetti, a former member of the Pentagon’s Energy Security Executive Council; and several others. The group is chartered and supported by Woodstar Labs, a non-profit technology and analysis firm owned by Associated Universities Inc.

The report includes nine recommendations and calls for federal lawmakers to direct the Department of Energy (DOE), Department of Homeland Security (DHS) and the Director of National Intelligence to “establish a central clearinghouse and decisional node for communicating full and accurate threat information to bulk power system operators and electric utilities.”

Congress should establish a National Resilient Grid Authority to help test for and protect against electric system vulnerabilities, according to the report. The new agency would be independent and staffed by rotating appointments of security experts from both the private and public sector, the group said.

Clark said the government needs to build on the current Cybersecurity Risk Information Sharing Program (CRISP), which is a collaboration between the E-ISAC, DOE and the Pacific Northwest National Laboratory.

CRISP disseminates threat information, Clark said, “but it’s not fast enough, and it’s not detailed enough to take responsive action.”

DOE did not respond to requests for comment on CRISP’s capabilities.

NERC, in an emailed statement, said that timely and actionable information sharing “are essential to grid security,” and said it works with E-ISAC to”operate a full suite of products and services designed to provide threat intelligence and coordination to North American utilities on a range of cyber and physical security threats.”

Along with CRISP, those tools include NERC alerts, All Points Bulletins and Critical Broadcast Program calls. NERC and E-ISAC communications with utilities “focus on sharing security threats and mitigations in near-real time,” a spokesman said in an email.

But according to Clark, DOE, DHS and and industry entities “need expanded powers” to “name and shame” hostile actions and attack attempts, with an emphasis on the frequency of intrusions.

“I know this risks indicating how much we know about adversaries, but it’s a risk we have to take as a nation because we’ve got to get the American people and our private sector institutions to understand what we’re up against,” Clark said.

Security experts agree the need for threat information sharing is essential, but questioned the efficacy of a new federal agency and warned there can be danger in providing the industry with too much data.

Any communication overhaul should leverage existing self-governance mechanisms within the industry, including ESCC and E-ISAC, said Shawn Wallace, vice president of energy at IronNet Cybersecurity. That approach is endorsed by the NCGR recommendations, but Wallace balked at creation of a new federal agency.

“We do not need a new group or federal agency to step into this function when the E-ISAC is already performing this role in the sector,” he said in an email. He agreed with calls for real-time information sharing networks and action tools that “reach directly into system control rooms.”

“In order to meet the future threats, information sharing needs to be automated and real time,” Wallace said. “Utilities don’t need more information, they need better resolution on the information that’s already out there. …If they’re taking in too much information it can become diluting and they’ll struggle to get value from it.”

The call to more quickly disseminate threat information to the utility sector is not new. Last year, NERC President and CEO Jim Robb called for the federal government to accelerate the declassification of industry-relevant information regarding cybersecurity threats and consider broadening the availability of security clearances for the energy sector.

Other NCGR security recommendations include development of a nationwide network of resilience-focused microgrid test beds, changes to both on- and offshore transmission planning and a strategic reserve of grid transformers and other critical infrastructure.

Article by UtilityDive.com’s Robert Walton.

 

In Other News…

Big Astronomy Planetarium Show Premiers September 26

Big Astronomy planetarium show premiers September 26 Turn your phone into a planetarium with innovative and immersive 360° streaming San Francisco – The Big Astronomy worldwide premiere is coming soon to a smart phone or connected device near you! On September 26 at...

ALMA Discovers Misaligned Rings in Planet-Forming Disk Around Triple Stars

Using the Atacama Large Millimeter/submillimeter Array (ALMA), two teams of astronomers have for the first time discovered a planet-forming disk with misaligned rings around a triple star system, called GW Orionis. The astronomers give two possible scenarios for the...

Why North Carolina Outsourced Election Cybersecurity to a ‘CISO-as-a-Service’

The following is press coverage on Woodstar Labs' involvement with North Carolina's election security, courtesy of statescoop.com. Faced with mounting cybersecurity needs headed toward the presidential election, but lacking the financial resources to build out a more...

A Cyber-Risk We’re Not Prepared For: What if the Power Grid Collapsed and America Went Dark?

The following is press coverage on the NCGR's new report, courtesy of washingtonpost.com. EVERY CATASTROPHE comes as a shock, but many shouldn’t come as a surprise. Just as we knew a pandemic was a possibility yet failed to plan for it, power-grid collapse is a threat...

Grid Security And Cyber Defense Cannot Fall On Deaf Ears, Experts Warn

The following is press coverage on the NCGR's new report, courtesy of Forbes.com. If the electrical grid is knocked out for long periods, the damage to the American economy would be insurmountable. And the country’s enemies know that. That is why its brain trust is...

Coverage on National Commision on Grid Resilience’s (NCGR) Latest Report

The following is press coverage on the NCGR's new report, courtesy of UtilityDive.com.   Dive Brief: A new report from the National Commission on Grid Resilience (NCGR) calls for declassifying and giving utilities greater access to information about threats...

Woodstar Labs Welcomes New Wave of Cyber Analysts

Woodstar Labs, a subsidiary of AUI focused on cutting-edge-cybersecurity solutions, microelectronics, eLearning, and STEM education welcomes a new cohort of Cyber Analysts. Woodstar labs is excited to work with this talented group of young professionals as we continue...

AUI Statement on Racial Equity

As the nation continues to mourn and respond to the unjust death of George Floyd, there is no doubt that violent race-related incidents and the subsequent protests and clashes are the most urgent need for us as a society to address. Further, to address them, we must...

2020 AUI Scholarship Winners

Below are the winners of the 2020 AUI Scholarship conducted by International Scholarship and Tuition Services, Inc. These students will each receive an award of $3,500 per year to aid in defraying expenses at the college or university of their choice. Lexington Miller...

Big Astronomy Wins Big

Big Astronomy wins “Best Astronomy Education” Award in the Dome Under Fulldome Film Festival. Melbourne: The Dome Under Fulldome Film Festival hosted its first planetarium film fest in Melbourne, Australia, on February 8 – 9. Big Astronomy: People Places Discoveries,...

You are now leaving AUI

You will be redirected to the related partnering organization's website.

You will be redirected to
in 4 seconds...

Click the link above to continue or CANCEL