Certain questions come up that I dread at work. Here’s a major one: How many times have we gotten that email, which looks like it came from a friend or colleague, only to find out later that they never sent us any such thing? Maybe we were lucky enough to never open it or maybe we did without thinking twice.
Cybersecurity seems so important, so obvious, yet the attacks arrive in often innocuous fronts. Hackers mimic the names of friends and email addresses, just to get us to open something that could bring in a world of hurt. Sometimes the motive is financial; sometimes it’s just chaos.
Recently I spent two days in San Antonio for the DistribuTECH conference committee meetings. I was my company’s representative on the group which determines content for the Defending the Grid track at the 2018 DistribuTECH set Jan. 23-25 in San Antonio’s newly expanded Henry B. Gonzalez Conference Center, just a proverbial stone’s throw from the Riverwalk.
It was fascinating and mind-blowing to examine the dozens of abstracts sent our way for consideration. Wow, there are so many potential vulnerabilities out there that the bad guys are probing. I know our group, which features experts from Exelon Corp., San Diego Gas & Electric and OATI, among others, did its best to deliver the cream of the crop from the abstracts. Defending the Grid will feature incisive talks on issues ranging from ransomware to attack vectors to physical threats.
The cyber defenses of our power grid have never been more sturdy. A recent report by the North American Reliability Corp. (NERC) indicated that no major hacks were successful in causing loss of load in 2016. That fact is amazing, yet NERC warned that the danger continues to grow.
Those of us at POWERGRID International will try to keep you informed on the latest and best practices in dealing with cyber assaults against the power transmission network. In this issue alone we have three stories devoted to this cause. Jake Williams, founder of Rendition Infosec and a presenter himself at the most recent DistribuTECH in San Diego, writes about the best firewalls and protections for both the IT and OT sides of utilities.
Next up, Cyberbit’s Daniel Cohen-Sason writes about moving past the “air gapping” myth of cyber defenses and focusing on three key steps to address security issues. Finally, Stewart Kantor of Full Spectrum details the many anxieties that grid operators face in today’s connected world.
All in all, it’s a deep dive into the invisible war going on between hackers and grid defenders. It’s probably not ever going to be over, and we’re committed to keep following it from battle to battle.