Government Technology

Grid Security Summit Assembles Top Security Experts

Smart Grids
Photo by James Jhs. Creative Commons License Attribution 2.0 Generic

August 6, 2012 By

I have spent the last few days moderating and recording The  Smart Grid Security Virtual Summit which will be webcast on August 9th. I highly recommend this summit. Speakers include a who’s who list of top industry experts who offer their opinions on how to correct the real issues related to securing the power grid.  From what we have done to what we need to do, summit sessions are real eye openers disclosing problems and providing answers to critically needed smart grid and critical infrastructure security questions.

I moderated the panel discussion “Smart Grid Security, Past, Present and Future” which include industry professionals I have previously interviewed for Digital Communities. Bob Lockhart -- a senior research analyst contributing to Pike Research’s smart-grid practice with a focus on cyber security markets -- co-authored a white paper with Research Director Bob Gohn on the Seven Trends to Watch in Utility Cyber Security.  From market projections for this new multi-billion dollar cyber security business to the current state of near chaos in securing the power grid, the discussion was packed with reality checks of where we are and where we need to be in securing the grid.

The panel discussion continued with outspoken industry leader Patrick Miller who views the need for cyber security from both the public- and private-sector sides. Miller is president and CEO, EnergySec and principal investigator of National Electric Sector Cybersecurity Organization (NESCO), a public-private partnership between the U.S. Department of Energy and EnergySec to enhance cybersecurity in the electric sector. Miller suggested less talk and more action in addressing security breach concerns and discussed a high-level view of power grid security.

Ending the panel discussion was Ted Wood , director at Sterne, Kessler, Goldstein & Fox. Wood's job is the discovery and protection of intellectual property in things like smart-grid security. From international cyber security espionage to plain old American ingenuity, Wood offered a unique view to the realities of cybersecurity. Wood leads the firm's Grid Industry Group, where he focuses on helping innovators involved with ensuring power grid resiliency in an evolving smart-grid infrastructure.  His discussion focused on how small business ingenuity can protect intellectual property while fast tracking creative solutions through the bureaucracies of big business and big government.

I spoke in the second panel discussion,  Is Current Legacy IPS And IDS Security Enough For The Smart Grid And Critical Infrastructure?  My presentation focused on how current security solutions may be too costly, too complex and too inefficient for critical infrastructure requirements.  From securing Intrusion Prevention Systems (IPS) that now must securely encrypt the new end point of nano sensors chip sets to Intrusion Detection Systems (IDS) that must now be able to view real time event anomalies and business processes, this discussion showed the need for security technology change. The subject of why we need to look at smart-grid security differently was first discussed in my recent article, Smart-Grid Security Will Force New Ways of Thinking. This presentation expanded on this article and discussed proof points of why new security solutions are required for smart grid and critical infrastructure security.

The second session speaker was Phil Smith, founder and president of TLC Secure who has had a long and illustrious career with senior technical and managerial roles at HP, Cisco, NASA, Lawrence Livermore National Lab and others. He is the innovator, architect and developer of several implementations of mobile devices as well as the cryptographic libraries and identity management components. Smith has worked with critical infrastructure encryption security used in wireless sensors in atomic power plants and Department of Defense applications.  His time tested applications of Intrusion Prevention System (IPS) security showed how true end-to-end security can be achieved for the smart grid.

The last prerecorded panelist, Rajeev Bhargava, is CEO of Decison-Zone and an expert in the information management field that has architected, developed and built next-generation cyber security, risk, fraud and privacy solutions. In 2010, Rajeev Bhargava received a U.S. Patent for the world’s only technology capable of 100 percent fraud and system security protection. Bhargava discussed a completely new way of addressing Intrusion Detection System (IDS) security through the prediction, detection and correction of event anomalies in realtime business processes.  This discussion revealed why current IDS solutions are not enough for smart grid system security.  

Additional session discussions included:

1. Identifying and Mitigating Cyber and Physical Threats to Smart Grid SCADA Systems , William Lawrence, chief technologist; Energy & Cyber Security Lockheed Martin;

2. A Utility Perspective on Smart Grid Security Status and Challenges, Ward Pyles, senior security analyst, Southern Company;

3. Regulators' Role in Smart Grid Security: What They Want to Know, Alan Rivaldo, cyber security analyst, Public Utility Commission of Texas;

4. Recent TVA Experiences and Insight on Smart Grid Cyber Security,John Stewart, specialist engineer, Power Control Systems, Tennessee Valley Authority and

5. Security Issues Surrounding Cloud Computing and Big Data in the Smart Grid, William Souza, manager - Security Integration, Reliability Services Division, PJM Interconnection. 

Click here for more information on the conference which will be web broadcast Thursday 9 a.m. to 5 p.m. EST.

Larry Karisny is the director of Project, a smart-grid security consultant, writer and industry speaker focusing on security solutions for the smart grid and critical infrastructure.

| More


Prof P J Gammarano    |    Commented August 7, 2012

Does it occur to the Grid leadership that some of the best cost-feasible preventive measures would also include some low-techbut high-powered chainsaws with their workforce to remove ALL vegetation overgrowth that comes within at least 30 feet of any utility structure ? ! From a former institutional Risk Manager of a very large footprint public complex...

Prof P J Gammarano    |    Commented August 7, 2012

As an addendum to the earlier comment, the regular (albeit also somewhat unpredictable) natural disasters do predictably cause large-scale outages and significant expenses (in cable / pole/ transmission line equipment) to restore, in addition to the overime pay for the hard work, at the worst timing. Every corporate utility leader should require & support the sustenance of an annual review policy of assurance that such facilities clearance is maintained. Disasters are classified, as you know, into two categories: human-made, and natural. Preventiveness is very cost-feasible for both forms !

Larry Karisny    |    Commented August 7, 2012

Prof Gammarano, Living in Florida I can assure you power outages from a natural disaster like a hurricane are no fun. Unfortunately our newest and maybe most devastating unnatural disaster to the power grid could be from viruses like Stuxnet, Flame or other known cyber security breaches.

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
McAfee Enterprise Security Manager and Threat Intelligence Exchange
As a part of the Intel® Security product offering, McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight advanced threats. You get the situational awareness, actionable intelligence, and instantaneous speed to immediately identify, respond to, and proactively neutralize threats in just milliseconds.
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
Cybersecurity in an "All-IP World" Are You Prepared?
In a recent survey conducted by Public CIO, over 125 respondents shared how they protect their environments from cyber threats and the challenges they see in an all-IP world. Read how your cybersecurity strategies and attitudes compare with your peers.
View All

Featured Papers