Blog Article

Cybersecurity and the Electric Grid: An Imminent Threat or a Risk That Can Be Thwarted?

Written by: Tara Ebrahimi

Cybersecurity and the Electric Grid: An Imminent Threat or a Risk That Can Be Thwarted? icon

Thirty years ago, the concept of cybersecurity conjured up images of grungy computer hackers and endless strings of binary code, more akin to a Hollywood movie than reality. Today, however, the threat of cyber-attacks on our electric grid constantly looms over us like a harbinger of a post-apocalyptic time. As this escalates, and the grid becomes increasingly vulnerable as a result of a highly-interconnected Internet of Things, the need for security grows.

What Exactly Is the Electric Grid?

The electric grid is the commercial electric power generation, transmission, and distribution system comprising power lines and other infrastructure. The grid delivers electricity that is essential for modern life. According to Energy.gov, America’s electric grid supports more than 330 million people and requires 600,000 miles of transmission lines. Like the arteries that carry blood from our hearts to all parts of our bodies, this complex system is the lifeline that powers almost everything we do.

What Would a Cyber Attack Look Like?

Business Insider researched cyber warfare for an in-depth piece about what a large-scale attack on the U.S. could look like. The conclusion? “A successful cyberattack on critical infrastructure could do as much damage as a natural disaster, bringing a whole country to a standstill.” Cybersecurity attacks could cause widespread power outages in the U.S., resulting in water shutdowns, and leave individuals with no means of communication. The damage would be catastrophic.

What’s So Challenging about Protecting the Grid?

There are numerous reasons why protecting the grid is such a challenge. First, while the Federal Government has a vested interest in the electric grid, most of the grid is owned and operated by private industry, which is not incentivized to prioritize cyber defense, according to industrial cybersecurity expert Phil Neray from CyberX. Additionally, cybersecurity is a relatively new field, about which much is still unknown. It was only last year that the Cybersecurity and Infrastructure Agency (CISA) was created under the Department of Homeland Security. According to an assessment conducted by the Harvard’s Kennedy School of Government and the Belfer Center for Science and International Affairs, “Federal cybersecurity is a dense, inaccessible topic to those outside the information security community and even to some inside it. Information is scattered across a variety of government documents, with no ‘one-stop-shop’ to understand the topic.” Finally, attackers are becoming more and more sophisticated—and the U.S. must be wary of attacks from countless threats, including criminal groups, terrorists, and even other nations.

What Is the Federal Government Doing to Address This Risk?

In August 2019, the Government Accountability Office released a report titled “Critical Infrastructure Protection: Actions Needed to Address Significant Cybersecurity Risks Facing the Electric Grid.” This report: “1) describes the cybersecurity risks facing the grid, (2) assesses the extent to which [the Department of Energy] DOE has defined a strategy for addressing grid cybersecurity risks, and (3) assesses the extent to which [Federal Energy Regulatory Commission] FERC-approved standards address grid cybersecurity risks. Among other things, the report describes measures that the Federal Government has taken since 1997 to create protections against cyber-attacks.

Further, according to Nextgov, the House Homeland Security Committee approved legislation in late September to create an advisory group—comprised of state and local government officials and representatives across the financial services, healthcare, manufacturing, transportation, and energy sectors—to assist CISA in developing and enacting cyber policies. In addition to this legislation, the Senate passed legislation “that would stand up a permanent group of security specialists that agencies and industry could call on when their IT infrastructure gets compromised.” A few other key bills surrounding cybersecurity were also passed in the past few months in both the Senate and the House.

In November 2019, CISA released “Cyber Essentials for Small Businesses and Governments,” a series of actionable items that entities can take to protect against cyber-attacks. “When it comes to collective defense, we are only as strong as our weakest link, which is why CISA is committed to raising the bar in cybersecurity across all companies and government, regardless of their size,” said CISA Director Christopher Krebs. These guidelines are meant to help leaders “develop a culture of security.”

While cyber-attacks could shut down almost all aspects of our everyday lives, the security community is working to ensure that this threat is addressed, mitigated, and protected against. With renewed attention on this critical area and the new legislation approved by Congress, the hope is that the Federal Government and its partners can work faster, harder, and smarter than entities and individuals seeking to carry out a cyber-attack. One thing is certain: as our reliance on the electric grid only increases, so too does the potential for disaster.

To read more about the Federal Government’s numerous IT programs and policies, visit the General Services Administration Cybersecurity website.

Related Resources

See All
Blog Article

Supply Chain Management Best Practices In The Federal Acquisition Context

Supply chain management in the federal acquisition context involves various key procedures to ensure smooth internal and external operations. Steps like planning, sourcing, procurement, logistics, and management of goods and services play a crucial role in supply chain management. Carrying out these…

Read More
Blog Article

How Federal AC Contractors Can Effectively Use Small Businesses for Their Needs

For federal acquisition (AC) contractors, the challenges of small business procurement, seen as an innovation, efficiency, and community impact catalyst, can create a synergy beyond the usual vendor-client relationship. The result is an ecosystem that flourishes with agility, fresh viewpoints,…

Read More
Infographic

Microlearning

Learn more on how Microlearning delivers bite-sized “nuggets of knowledge,” exactly when and where you need them, boosting retention with quick bursts of focused, engaging content.

Download
Blog Article

A Federal Acquisition Professional’s Introduction to Project Lifecycle Activities

The Federal Acquisition Certification for Program and Project Managers (FAC-P/PM) is a professional certification program designed to enhance the acquisition and project management skills of federal employees involved in planning, acquiring, and managing various projects. The program’s core structure encompasses a…

Read More
Blog Article

The Role of Acquisition in Supply Chain Management

Explore how effective acquisition strategies, from strategic sourcing to vendor relationships, reduce costs, improve quality, and enhance competitive advantage in supply chain management.

Read More
Blog Article

How & Why Should You Choose Federal Acquisition and Contracting As A Career Path

Navigating the intricate world of federal workplaces demands a unique set of skills. It also needs a keen understanding of the complexities inherent to government operations. Defining factors that lead to success in this field – for the individual and…

Read More
Blog Article

Navigating the Evolving Federal Acquisition and Contracting Landscape: Trends and Challenges

In the complex world of federal acquisition and contracting, most AC professionals find themselves at the crossroads of change, faced with new trends and challenges that require adaptation, innovation, and dedication. Although perceived as increasingly complex, the acquisition and contracting…

Read More
Blog Article

An Acquisition Professional’s Overview of Federal Acquisition Regulations (FAR)

Entering the world of federal acquisitions can feel like traversing a big and complicated maze. The Federal Acquisition Regulations (FAR), a crucial regulation that oversees the acquisition process by which the federal government purchases products and services, are at the…

Read More
Blog Article

Federal Leadership Traits to Help You Advance at Every Level

The U.S. Government Accountability Office reports that only 39% of federal organizations understand the importance of federal leadership and develop leadership training programs for their employees. Federal leadership is a critical component of government organizations. It is essential to have effective leaders who can motivate team members to achieve their goals and serve the public interest. Leadership is not just about a job title or position but a set of skills, traits, and behaviors that can be developed and honed over time.

Read More
Video

Emerging Technologies - Robotic Process Automation

This video talks about our one-day RPA course that is designed for both federal leaders and individuals who will be affected by upcoming RPA initiatives.

Watch

Scroll to view more