The security, economy, and general welfare of the United States are critically dependent on electricity. Transportation, pipelines, communications, and other essential services would all fail without a continuously operating electricity grid. It’s fair to say that the grid is the most essential of all our critical infrastructure, which is why it is of the utmost importance that it be adequately protected.
While the grid is vulnerable to numerous and ever-changing threats — including physical sabotage, cyber sabotage, and destruction by electromagnetic pulse (EMP) — important steps have been taken to improve grid security in recent years. Key information about the grid and how it operates is no longer public, which reduces easy targeting by potential physical saboteurs. We have strengthened online information security and added multiple levels of cybersecurity. We have also acquired some transformer back-up and have implemented mandatory sharing of spares in the event of a localized EMP or other destructive event.
Legislators have recently introduced bills to further strengthen the resilience of the grid. For example, H.R. 3710, the Cybersecurity Vulnerability Remediation Act, would allow the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to disseminate protocols to counter vulnerabilities. Senate Bill S. 333 would authorize the Secretary of Homeland Security to work with a consortium of non-profits to develop, update, and deliver badly needed cybersecurity training.
Yet, there are still major challenges to grid security. The “edges” of the grid are vulnerable due to lax security and human error, potentially devastating malware “bombs” hidden in the grid must be removed, and we need better coordination among the multiple (and sometimes overlapping) federal and state agencies responsible for security. We must also assess whether we can do more to stockpile critical spares, segment the grid, and install fail-safes to protect us from an EMP. We should ensure that investments in grid security are among our top priorities if we are to secure and protect our critical infrastructure.
Learn more about grid security from General Clark in our recent webinar, “Energy, The Grid, & Security Issues,” held on May 6, 2020.
Question 1: Are we currently investing enough in grid security efforts? How does the need for increased security compare to other policy priorities?
How can we talk about building grid security without first having a discussion about what a future grid will actually look like? Securing a one directional, one generation owner grid… Read more »
It depends on what one has in mind by “grid security efforts”. We are most certainly in need of investment in a better grid, and one aspect of “better” is… Read more »
Question 2: Who should be primarily responsible for efforts to increase grid security? – governments, in protecting the public interest, or energy companies that have a responsibility to protect customers… Read more »
General Clark, Thank you for holding the recent OurEnergyPolicy webinar and this follow-up discussion topic on electric power grid security. I have not worked on grid security but would like… Read more »
Henry, thanks for your comment. I pretty much agree with the way you outlined the responsibilities for the security of the grid. Of course, ultimately, this too comes down to… Read more »
That’s an interesting question. If we’re talking about security against cyber attacks, we have to recognize that the vulnerabilities we’re trying to patch exist precisely because the states and private… Read more »
Question 3: Securing our electricity infrastructure (a public service) can require tighter controls on information. How do we retain public accountability while preserving essential elements of grid security?
I don’t accept the premise. I don’t think securing our electricity infrastructure requires tighter controls on information. Certainly, there’s information that you don’t want to broadcast — say a map… Read more »
General, thank you for your leadership on energy security issues. One of the greatest threats to national and international security is also one of the most ignored. Crony-dominated, anti-competitive energy… Read more »
I am very concerned about the monopolistic practices and market domination you’re speaking of. This is, of course, normal behavior in a private enterprise driven economy. Any firm will attempt… Read more »
General Clark, what is the single most important step the President-elect in November can take to address the cyber threat to the U.S. power grid?
The most important action is to appoint a Presidential Review Commission to pull together and promote recommendations for greater security. Must have full backing and participation from the various elements… Read more »
Do you believe the deployment of microgrids with or without net metering capability can effectively harden the electricity delivery system?
Yes, I do believe that segmenting the grid is an important element in grid hardening, but it is only one of the measures we must undertake.
Grid security requires four steps: 1) advanced cybersecurity protections and training, 2) maximum, practical energy efficiency to significantly reduce electrical demand (according to ACEEE can be cost-effectively reduce electric loads… Read more »