Utility officials wary of cyberattacks but say lengthy widespread outage is ‘implausible’

Gerry Cauley, president and CEO of the North American Electric Reliability Corp. (NERC), agreed but acknowledged that cyber threats against the U.S. power grid are very real.

“It is extremely unlikely, but I do think that it is prudent for us to be concerned,” Cauley said. “I think it is prudent for us to think in terms of worst-case [scenarios], and that’s why we do take such extreme measures in terms of playbook planning, coordination among agencies and [grid exercises of attack scenarios] to make sure that we understand our roles and responsibilities and what a large-scale crisis looks like.

“So, we do remain concerned about it, but it is extremely unlikely.”

Kevin Wailes, CEO of Lincoln Electric System in Nebraska, echoed this sentiment and said that the utility industry is known for taking steps to recover quickly from incidents that result . As an example, Wailes noted that the power grid was able to withstand a 2013 sniper attack on a Metcalf Transmission substation in California.

“I think it’s important to note that—in the Metcalf instance, as an example—there was no interruption of load associated with that incident, even though it was a major substation,” Wailes said. “The redundancy that is in the system—both with respect to the transmission-and-distribution structure, but also with respect to generation and reserves—is significant.

“Although it is extraordinarily important that we evaluate and prepare to respond to those worst-case scenarios, what the industry does on a routine basis—and we’ve been doing it for years, whether it is an ice storm or a hurricane—we basically respond to and address outage types of events. [We] probably practice it more than virtually any other industry.”

During the webinar, speakers acknowledged that there is no “silver bullet” solution to the cyber threat on utilities, but they noted that government and industry officials continue to develop and enhance a multi-layered program designed to reduce the likelihood of a successful cyberattack and enable a quick response the limits any damage.

 “You’ve heard all of my esteemed colleagues on this panel talk about the reality of a multilayered approach, because they need to protect, detect and mitigate—not just one or the other,” said Edna Conway, Cisco Systems’ chief security officer for the global value chain. “To me, the innovation lies in the early real-time detection, so that the mitigation can in fact be implemented on a risk-based approach.

“Realistically, you can’t affect everything. But, if you get real-time automated anomaly detection—and we’re seeing some of that in the Internet of Things and Big Data calculations—that allow an operational-level view real time and awareness to things that may not yet be a security breach but are anomalous and need further investigation.”