Department of Energy Takes on Smart Grid Security

Saturday, February 19, 2011

David Navetta


Article by Boris Segalis

On February 1, 2011, the Department of Energy announced the launch of the Cyber Security Initiative to develop cyber security risk management process guidelines for the electric grid.

The Department’s Office of Electricity Delivery and Energy Reliability will lead the effort in collaboration with the National Institute of Standards and Technology and the North American Electric Reliability Corporation.

The core team has invited stakeholders from across the utility sector to participate in the initiative, including representatives from the Federal Energy Regulatory Commission, the Department of Homeland Security, and both publicly and privately-owned utilities.

The proposed guidelines will seek to provide utilities a flexible, fundamental approach to managing cyber security risks through a three-tiered approach, addressing risks at the

  • (i) organization level;
  • (ii) business process level; and
  • (iii) information systems level.

The guidelines will allow utilities to better understand cyber security risks, assess their severity, and allocate resources to more efficiently manage the risks.

The initiative will produce a draft guideline document that will be available for public review and comment, and then finalized and issued by the group.

Cross-posted from InfoLawGroup

Possibly Related Articles:
SCADA NIST Risk Management Smart Grid Infrastructure DOE
Post Rating I Like this!
shawn merdinger I sure hope it works out better than the last round of NERC CIP guideline development. To see what I mean, see the following report:
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.