Cybersecurity News

The nation’s power grid — an ever-increasing topic for the cybersecurity world — continued to create a buzz late last week, as the National Institute of Standards and Technology (NIST) released a 537-page report to outline “Guidelines for Smart Gird Cyber Security.”

The report, developed by members of the Smart Grid Interoperability Panel–Cyber Security Working Group, begins by disclosing:

The United States has embarked on a major transformation of its electric power infrastructure. This vast infrastructure upgrade—extending from homes and businesses to fossil-fuel-powered generating plants and wind farms, affecting nearly everyone and everything in between—is central to national efforts to increase energy efficiency, reliability, and security; to transition to renewable sources of energy; to reduce greenhouse gas emissions; and to build a sustainable economy that ensures future prosperity. These and other prospective benefits of ‘smart’ electric power grids are being pursued across the globe…

Steps to transform the nation’s aging electric power grid into an advanced, digital infrastructure with two-way capabilities for communicating information, controlling equipment, and distributing energy will take place over many years. In concert with these developments and the underpinning public and private investments, key enabling activities also must be accomplished. Chief among them is devising effective strategies for protecting the privacy of Smart Grid-related data and for securing the computing and communication networks that will be central to the performance and availability of the envisioned electric power infrastructure. While integrating information technologies is essential to building the Smart Grid and realizing its benefits, the same networked technologies add complexity and also introduce new interdependencies and vulnerabilities. Approaches to secure these technologies and to protect privacy must be designed and implemented early in the transition to the Smart Grid.”

According to InformationWeek, the NIST document addressed the growing vulnerabilities of the US power grid and offered up “high-level security requirements, a risk assessment framework, an evaluation of privacy concerns, guides to mitigating vulnerabilities and a summary of research needs.”

Meanwhile, Reuters reported that the NIST guidelines “are the second major output of NIST-coordinated efforts to identify and develop standards needed to convert the nation’s aging electric grid into an advanced, digital infrastructure with two-way capabilities for communicating information, controlling equipment and distributing energy.”

Noting that the guidelines focus on cybersecurity strategies involving prevention, detection, response and recovery, the article goes on to mention that “cybersecurity spending will represent approximately 15% of total smart grid capital investment between now and 2015.”

“If we are to truly modernize our electrical grid, we must have electricity producers, distributors and consumers all speaking the same language and all working together to make our grid more secure,” Energy Secretary Steven Chu said in a statement.

Additional news on the NIST report follows:

As smart grid approaches, security concerns follow (Federal Computer Week)

NIST finalizes Smart Grid cyber guidelines (Federal News Radio)

US NIST publishes guide to smart grid cybersecurity (Computer Weekly)

NIST: More research needed for smart grid cybersecurity (Fierce Government IT)