This week, Ampere Industrial Security and INPOWERD announced that they have combined forces to help utilities and energy companies raise their levels of cybersecurity, reliability and compliance.
The partnership, comprised of two cybersecurity consulting firms, will give more critical infrastructure organizations the opportunity to improve their levels of NERC CIP and Operations and Planning (O&P) standards compliance at the same time, the two companies said in a press release.
“We show you how to navigate, interpret, and apply the regulations with the least amount of operational impact, budget impact, and resource impact,” said Patrick C. Miller, CEO of Ampere Industrial Security. “At the end of the day, the lights will stay on and the organizations will be more resilient, more compliant, and more secure.”
“A cyber-attack of great consequence on the U.S. power grid would shatter the ideal cybersecurity framework of private-sector accountability for maintaining security of the energy sector critical infrastructure,” said Earl Shockley, president of INPOWERD.
Both Shockley and Miller helped build the compliance and enforcement programs during the startup of the Electric Reliability Organization (ERO). They have led or participated in approximately 300 NERC CIP and O&P compliance audits and investigations, at the NERC, Regional and Registered Entity levels.
“Our mission is to create a greater aptitude for solving complex business problems for our clients. Patrick and I believe our extensive combined experience at the regulatory level, industry level and the consulting level amplifies our firm’s ability to provide clients integrated diversity around problem solving,” said Shockley.
In previous roles, Miller worked at PacifiCorp as a senior information security consultant and then entered the regulatory space as manager of CIP (critical infrastructure protection) audits and investigations for the Western Electricity Coordinating Council Regional Entity under the North American Electric Reliability Corporation (NERC) in their capacity as the Electric Reliability Organization delegated by the Federal Energy Regulatory Commission (FERC).
Shockley worked at major utilities including SDG&E, Seattle City Light, and TVA before moving on to NERC where he was a senior director of compliance and certification.
“Both Earl and I have a similar philosophy. You have to design the compliance to fit around — and the controls to fit within — the existing operational process,” said Miller. “It makes life easier for the utility staff, the operations professionals, the security professionals, as well as the compliance executives trying to manage this. Then the executives and shareholders of the company can rest a little bit easier as well.”