The U.S. Department of Energy (DOE) this week kicked off a 100-day plan whose goal is to improve the cybersecurity of electric utilities — specifically their industrial control systems (ICS) — and secure the energy sector supply chain.
SecurityWeek has reached out to several industry professionals for their thoughts on this new initiative including aeSolutions Vice President of Industrial Cybersecurity, John Cusimano. Read his thoughts and others at the link below : https://www.securityweek.com/new-initiative-protect-us-electrical-grid-cyberattacks-feedback-friday
“While it’s nice to see ICS cybersecurity garnering much national focus and attention, I find it disappointing that the US government continues to focus almost exclusively on the electric power sector in its efforts to secure ICS. They seem to fail to recognize that ICS are used in nearly every critical infrastructure sector. We must secure the entire energy supply chain from the source to the power generation facilities, refineries, and downstream chemical facilities that absolutely rely on these raw materials. Based on my direct work across many energy sectors and our extensive data, the nation’s greatest ICS cybersecurity risks are in water, maritime transportation, oil & gas pipelines, and critical manufacturing sectors such as food, pharmaceuticals, and medical devices. What these industries have in common is that the consequences of ICS cybersecurity compromise could lead to public health, safety, and environmental catastrophes. It is my hope that the pending executive order for ICS cybersecurity will extend well beyond energy sectors and especially beyond the electric sector, which has been regulated by the Federal Energy Regulatory Commission (FERC) or the Nuclear Regulatory Commission (NRC) for ICS cybersecurity since 2010. The critical infrastructure sectors discussed are vulnerable to ICS attacks and are well behind in implementing the appropriate countermeasures to secure their infrastructure. It’s time the US government’s ICS cybersecurity efforts go beyond the electric sector.”