Making Grid Security a Priority

December 3, 2015

Former television journalist Ted Koppel recently released a book addressing the cyber and physical security threats to the electric grid. The book, Lights Out: A Cyberattack, a Nation Unprepared, Surviving the Aftermath, asserts that only a laptop is needed to bring down the entire grid, and evaluates the state of the government’s and the industry’s preparedness in the case of a major blackout.

Koppel’s book has many poignant messages and focuses mainly on what life would be like without electricity. Surely, no one can imagine a world without lights, computers, cell phones, or more critically, running water, waste systems and food production. The point Koppel is trying to make with his book is less about what we can do to prevent an attack on the grid, but more about how much we truly rely on electricity, and specifically the grid that ensures its reliable delivery to our homes and businesses every second of every day.

While Koppel’s book certainly provides some shock factor, it is important to remember that the electric power sector has made grid security a priority and actively works to prevent cyber attacks. The power industry is diverse, and its desire to improve security is universal.

While the electric power sector and government partners continue to take steps to manage risk, Koppel makes one point to which utilities of all sizes should pay attention. He says, “Security and day-to-day reliability become a shared responsibility, and as with any other chain, the electric power grid may only be as strong as its weakest link.” He goes on to say smaller companies “are simply not inclined to spend a great deal on cybersecurity. The weakest links in this system tend to be the smaller companies with the poorest security and maintenance practices.”

This presents a serious problem because of the interconnectedness of the grid. Different companies are responsible for different phases of the process – from the generation of electricity to delivery to the end-use customer. Information changes hands several times throughout that process and even after electricity is delivered, information is relayed back to the delivering utility. The smallest margin of error along the way provides an opportunity for a cyber attack.

In an effort to do our part in this process, Heartland has partnered with Helix Security to help our customers protect against cyber threats. Heartland, as well as our customers, must be accountable when it comes to cybersecurity. Taking steps to protect information is vital for any utility and because so many of our customers can’t do it on their own, we want to help. We certainly don’t want any of our customers to be the weakest link.

Helix provides cybersecurity services in five phases, starting with the fundamentals and building towards a fully functioning security management package. Heartland is providing a fifty percent cost share for any of our customers who choose to utilize Helix’s services, up to $5,000 per utility, per phase.

We currently have one customer signed up to begin Phase 1, and look forward to more customers taking advantage of this vital opportunity. Pricing is affordable and is based on your utility’s meter count. There is also not a lot of time commitment on your part, as Helix does all the heavy lifting.

Heartland hopes to get all of our customers to participate in this important program, because as Koppel reminds us, the effects of a long-term, widespread blackout would be devastating. If you’d like more information on how your utility can begin Phase 1, contact Ann Hyland at (605) 256-6536.

Photo credit NASA/GSFC