Annual Commissioner-led Reliability Technical Conference
FERC HQ
I was humbled to be asked to speak to the Commission on the topic of Cyber Threats. I regret that I can’t locate a list of panelists who also participated. Much of my testimony was centered on CRASHOVERRIDE and ELECTRUM activities.
Agenda:
There is a widespread understanding among policymakers and industry that cyberattacks are a persistent and growing threat to the reliable or resilient operation of the Bulk-Power System. This panel will shed light on opportunities to collaboratively address existing and emerging cyber threats and vulnerabilities. Examples of recently publicized cyberattacks against industrial control systems include compromises of vendor systems and the cyber supply chain, and increasingly destructive malware. Additionally, vulnerabilities have been revealed in the structure of the processors underlying most cyber systems themselves. Panelists will be asked to address the following:
- How are current trends in cyber threats and vulnerabilities affecting the behavior of grid owners and operators? How can grid operators be better prepared to protect their systems from these threats? How do you recommend organizations mitigate cyber risks? How can the Critical Infrastructure Protection Reliability Standards (CIP Standards) be improved to assist responsible entities in addressing emerging cyber threats? What information-sharing practices are required? How are best practices developed, applied, and improved?
- How can changing technology (e.g., cloud computing, virtualization, “Internet of Things,” “Industrial Internet of Things”) introduce new vulnerabilities that may impact the security of the Bulk-Power System? How could cloud computing, virtualization, and other technologies be deployed securely to help manage the emerging grid?
- The Commission engages with other agencies and industry in mitigating the risk posed by cyber threats – including promoting information sharing, identifying and assessing threats, sharing lessons learned and best practices. How can we improve these efforts?
- How can cyber incident response plans be improved to address the evolving cyber threat landscape? For example, when a cyber system is compromised, antimalware software may not identify the system as compromised, and the only indicator may be the system’s abnormal behavior.
- When considering the emerging cyber threats to industrial control systems, what strengths and weaknesses in the body of CIP Reliability Standards are revealed? What role can the voluntary development, application, and sharing of best practices play?