During the Siemens Executive Cybersecurity Forum for Electric Power, held virtually June 17, 2021, Manny Cancel, senior VP, North American Electric Reliability Corp (NERC), encouraged electric-power industry stakeholders to share information on cybersecurity threats, vulnerabilities, and experiences through NERC’s E-ISAC (Electricity Information Sharing and Analysis Center) platform.
Cybersecurity alphabet soup is thick enough, and it’s often difficult to see what value many of these cyber organizations and initiatives offer. Nevertheless, it’s good to at least be aware of them and their work on behalf of the industry. This report, available from E-ISAC website, may help you figure that out.
Among other things, E-ISAC runs GridEx, an annual simulated attack scenario to which stakeholder leaders respond as a “play” exercise. The goal is to “engage senior industry and government leaders in a comprehensive discussion of the extraordinary operational measures needed to protect and restore the reliable operation of the bulk power system (BPS).”
On an on-going basis, E-ISAC members work with the relevant government agencies to find patterns and trends in vulnerabilities, threats, and incidences. This can only be done if stakeholders share data from which the patterns and trends can be discerned.
Current efforts are directed at supporting President Biden’s “100-day plan” to shore up industrial control systems and operational technology (OT—the stuff that is inside your plant running things) by addressing global supply-chain vulnerabilities.
Among the factoids gleaned from Cancel’s presentation:
- 43% of respondents to a recent survey said they were either “not confident in” or “not sure about” their company’s emergency response plan to address physical and cybersecurity threats.
- Unpatched vulnerabilities are the cause of one-third of all breaches of Microsoft software.
- There has been a 48% increase in vulnerabilities between 2019 and 2020.
Fortunately, most problems can be addressed by paying attention to the basics of strong password usage, endpoint management (centrally and remotely monitoring servers, PCs, mobile devices, etc) and secure remote access.