DOE awards $30M to develop utility cybersecurity tools

See on Scoop.itGreen & Sustainable News

The Department of Energy today awarded $30 million to a 11 security vendors to develop technology the agency says will better protect nation’s electric grid, oil and gas infrastructure from cyber-attack.

Duane Tilden‘s insight:

>The projects, which will combine power system engineering and cybersecurity, will include testing of the new products to demonstrate their effectiveness and interoperability, the DOE said. […]

While the DOE’s investment is welcomed, a survey of U.S. utilities in May shows what many utilities are up against. That survey called “Electric Grid Vulnerability,” said more than a dozen utilities said cyberattacks were daily or constant. The survey was commissioned by U.S. Democratic Representatives Edward J. Markey and Henry A. Waxman who are members of the U.S. House Energy and Commerce Subcommittee.<

See on

Report: US Smart Grid Cybersecurity Spending to Reach $7.25B by 2020 : Greentech Media

See on Scoop.itGreen Energy Technologies & Development

Securing the new IT infrastructure of the power grid against cyber-attack is going to be big business, but that’s not because it makes money for the utilities that are buying it. Instead, today’s smart grid cybersecurity investments are mostly about meeting regulations, satisfying shareholders, and trying to justify the costs …

Duane Tilden‘s insight:

…one of the key tenets of cybersecurity is that you don’t talk about cybersecurity — at least, not the specifics of how you’re discovering, isolating, eliminating and building new protections against new intrusions and attacks that change from day to day.

Those threats can range in intent from simple intrusion and data theft, to full-scale attempts to take over control systems, and can vary in sophistication from cheesy password-stealing scams to sophisticated “advanced persistent threats” coming from shadowy government-backed, quasi-criminal “hacktivist” and mercenary groups.

In North America, much of that spending is being driven by the North American Electric Reliability Corporation (NERC)’s Critical Infrastructure Protection (CIP) requirements. Covering the U.S. and Canada, these rules come with stiff fines of up to $1 million per day for utilities that can’t prove they’re meeting security guidelines, and newer versions add a lot more serial-connected smart grid assets to their purview. The Department of Energy’s $4.5 billion in stimulus grants also came with cybersecurity strings attached, as outlined by the ongoing government-industry work being coordinated by the U.S. National Institute of Standards and Technology, or NIST.

See on