The Federal Energy Regulatory Commission (FERC) has set its sights on making the less important parts of the national grid safer against hackers, and has proposed a set of controls to address the growing threat of cyberattacks. Specifically, the agency aims to install mandatory controls to tackle the risks inherent in the use of mobile devices such as laptops and thumb drives that are used at low-impact bulk electric systems.
The FERC also said it will put up for approval a Critical Infrastructure Protection Reliability Standard CIP-003-7, designed to enhance cybersecurity measures under the standards currently in effect by clarifying, FERC said, the obligations involved in electronic access control to low-impact cyber systems, and by prompting the relevant authorities to put in place response policies in case of a system threat.
The new rules were drafted by the North American Electric Reliability Corporation. Low-impact bulk systems include small control centers, sub-stations, and some types of generators and power generation plants. They are considered a lower cybersecurity priority than larger facilities, but could still be targeted by a malware attack, especially through mobile devices that are often more vulnerable to attacks than non-mobile computer infrastructure.
The FERC also said in its news release that it will ask the NERC "to develop modifications to provide clear, objective criteria for electronic access controls for low-impact cyber systems and to address the need to mitigate the risk of malicious code that could result from third-party transient electronic devices. These modifications will address potential gaps and improve the cyber security posture of entities that must comply with the CIP standards."
Cybersecurity across industries has been garnering a lot of attention recently, and judging by industry forecasts about an inexorable increase in threats, chances are this attention will only continue to grow. The national grid is understandably a top cybersecurity priority, and so is the utility industry. A recent study from Zpryme estimated that U.S. utilities will need to splash US$7 billion on strengthening their cybersecurity systems by 2020 as threats continue to increase and multiply.
By Irina Slav for Oilprice.com
More Top Reads From Oilprice.com:
Irina is a writer for Oilprice.com with over a decade of experience writing on the oil and gas industry. More
U.S. Power and NatGas Prices Plummet to Below Zero
Ukrainian Drones Hit Major Rosneft Refinery in Russia
First Niger Oil Bound for China Blocked in West Africa Border Row
Gas Prices Likely to Keep Falling Ahead of Peak Driving Season
Drone Attacks Take Khor Mor Gas Field Offline, Claims Lives