What every utility should know about the new physical security standard

[InfoSec News <alerts () infosecnews org>]

http://www.intelligentutility.com/article/15/01/what-every-utility-should-know-about-new-physical-security-standard

By William E. Reiter
intelligentutility.com
Jan 29, 2015

On April 16, 2013, an incident in San Jose, California, led to development 
of a new physical security standard for owners and operators of 
transmission stations and substations.

In the 2013 incident, a sniper attack on a Pacific Gas & Electric 
transmission substation knocked out 17 large transformers that powered 
Silicon Valley. The sniper attack served as a dramatic wake-up call for 
the industry and raised fears regarding the vulnerability of the nation’s 
power grid to terrorist attack.

The more than 160,000 transmission line miles that comprise the U.S. power 
grid are designed to handle natural and man-made disasters, as well as 
fluctuations in demand; but what about physical attack?

As a result of the San Jose assault, the Federal Energy Regulatory 
Commission (FERC) in April 2014 required the North America Energy 
Reliability Corporation (NERC) to establish Critical Infrastructure 
Protection (CIP) standards to “address physical security risks and 
vulnerabilities related to the reliable operation” of the bulk power 
system.

NERC developed and issued what is now commonly referred to as CIP-014-1. 
This is a physical security standard that has a stated purpose to identify 
and protect transmissions stations and transmission substations and their 
associated primary control centers that—if rendered inoperable or damaged 
as a result of a physical attack—could result in uncontrolled separation 
or cascading within an interconnection.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/