US Legislators: Electric Utilities Dragging Heels on Cybersecurity Mitigations

It would seem that what spurs private and public electric grid utility operators to action with regard to cybersecurity isn’t the Chinese or Iranians attacking them, but the word “mandatory”.A paper published yesterday by two U.S. legislators revealed that when there are mandatory cybersecurity standards put in place by the Federal Energy Regulatory Commission or the North American Electric Reliability Corporation, compliance with the standard is 80 percent or better. When it comes to voluntary measures suggested by the two governing bodies, compliance plummets to less than 25 percent in some cases. Some of those voluntary recommendations are specific to attacks such as Stuxnet, while others are general in nature to remote attacks.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.