Cybersecurity and the Electric Grid – New GAO Report Identifies Actions Needed to Address Cybersecurity Risks

Robinson+Cole Data Privacy + Security Insider
Contact
LinkedIn
Facebook
X
Send
Embed

The United States Government Accounting Office (GAO) recently issued a report on the cybersecurity risks facing the electric grid. The GAO reviewed the cybersecurity of the electric grid to determine the risks and challenges facing the grid, to describe federal efforts to address those risks, to assess the extent to which the Department of Energy (DOE) has defined a strategy for evaluating grid cybersecurity risks and challenges, and to assess the extent to which Federal Energy Regulatory Commission (FERC)—approved cybersecurity standards address grid cybersecurity risks.

The report was commissioned at the request of Congress and made several recommendations aimed at implementing a federal cybersecurity strategy for the grid. The GAO made one recommendation to DOE and two recommendations to FERC, which regulates the interstate transmission of electricity. GAO recommended that the DOE’s strategy for the grid address the key characteristics of a national strategy, including a full assessment of the cybersecurity risks . The GAO recommendations to FERC included considering adoption of changes to its cybersecurity standards to more fully address the National Institute of Standards and Technology (NIST) Cybersecurity Framework. The second recommendation was to evaluate the potential risk of a coordinated cyber-attack on geographically distributed targets and determine if changes are needed in the threshold for mandatory compliance with the requirements in the full set of cybersecurity standards.

The GAO report identified threat actors to the grid as nations, criminal groups and terrorists, and recognized that the electric grid of the U.S. is becoming more vulnerable to cyberattacks against supply chains for industrial control systems, consumer Internet of Things (IoT) devices connected to the grid’s distribution network, and global positioning systems (GPS).  It’s no secret that a serious cyberattack on the nation’s electric grid would be devastating. The report contains many details of the different attack strategies, but more important, it recognizes that identifying resource needs and coordinating efforts through private/public partnerships will be critical in implementing a cybersecurity strategy to protect the grid.

[View source.]

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson+Cole Data Privacy + Security Insider | Attorney Advertising

Written by:

Robinson+Cole Data Privacy + Security Insider
Robinson+Cole Data Privacy + Security Insider
Contact
more
less

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide