In Assuring Reliability, We Must Stand Together
Originally published October 1, 2013
PHOTO BY DENNIS BRACK
Last April, a vandal cut underground fiber optic cables and then fired rifle shots at a substation in northern California. The shots damaged several transformers in the substation and caused hazardous materials to spill. In February, the website of an APPA member in Florida was hacked, causing a slowdown that nearly brought the site to a complete stop.
Both of these incidents point to the need for utilities to be attentive to security concerns.
APPA has been working with government and utility representatives to strengthen the industry’s ability to withstand cyber and physical attacks on vital infrastructure.
We have worked with the Electricity Sector Information Sharing and Analysis Center, or ES-ISAC, to support intelligence gathering that could potentially help utilities identify nascent patterns of cyber or physical attacks at utility facilities across the country. The ES-ISAC is one of 16 government and industry groups formed to assess vulnerabilities and identify steps necessary to protect the nation’s critical infrastructure. The groups were formed in response to a 1998 directive by President Bill Clinton. Other groups address infrastructure protection in the chemical, financial services, health care, nuclear and communications industries, among others.
The electricity sector group is coordinated by the North American Electric Reliability Corp., but NERC’s role in this endeavor is separate from its role as the developer and enforcer of bulk electric system reliability requirements. ES-ISAC is an information clearinghouse to allow utilities nationwide to share data about threats to electric system security. By sharing information, the industry collectively can address measures to bolster security. I urge all APPA member utilities, regardless of size, to register with ES-ISAC, either directly or through your joint action agency. Doing so will give your utility access to resources that can help you strengthen your electric system’s ability to deter cyber and physical attacks.
APPA is also part of another industry group, the Electricity Sub-Sector Coordinating Council, or ESCC. This group was launched by NERC, but now operates independently of the reliability organization. ESCC was formed in response to a recommendation by the National Infrastructure Advisory Council and exists to facilitate dialogue among senior executives in the electric utility industry on the roles and responsibilities of the industry in addressing high-impact infrastructure risks and potential threats. This group has developed a plan for handling decision making in the event of a potential threat to utility infrastructure or during a widespread power disruption, such as the one caused last year by Superstorm Sandy.
I serve on the steering committee for the ESCC, along with the CEOs of the Edison Electric Institute, the National Rural Electric Cooperative Association, Nuclear Energy Institute, Electric Power Supply Association, the ISO/RTO Council and NERC. Kevin Wailes, administrator of the Lincoln Electric System in Nebraska, is a vice chair of the ESCC. Other public power CEOs on the panel are John Bilda of Norwich Public Utilities in Connecticut, Scott Miller of City Utilities of Springfield, Mo., and Ron Nichols of the Los Angeles Department of Water and Power.
To facilitate APPA’s continued participation in the ESCC, we have formed the Cyber & Physical Preparedness Committee. About 20 representatives of APPA member utilities are working with staff to coordinate APPA’s participation in ESCC activities.
Allen Mosher, APPA’s vice president for policy analysis and reliability standards, has described the ESCC’s work as “the 911 plan” for utility CEOs to follow when a large outage or a threat to reliability occurs. Recall the widespread blackout in the Northeast in August 2003. Utilities in Ohio lost power first. In less than 10 minutes, power went out in Michigan, Ontario, Pennsylvania, New York, Connecticut and Massachusetts. Utilities in Ohio were unaware of the reach of the outage, as were the utilities on the coast. Steps undertaken since that blackout occurred have improved the utility industry’s resilience. But bizarre incidents such as those this year in California and Florida demonstrate that no amount of tree-trimming and equipment upgrades can deter a vicious attacker. Both of the incidents this year were isolated occurrences, but it is important for the industry-government clearinghouse to know about what happened in each instance. It is not inconceivable that groups of vandals might attempt to hack utility computer systems or organize coordinated physical attacks on electric system infrastructure.
Please take the first step to help the industry resist cyber and physical attacks by registering with the ES-ISAC. You can find your way there by logging on to esisac.com/register.aspx. You will be asked to identify the individuals at your utility who are responsible for security, operations, engineering and public information. Watch for announcements from APPA related to activities of the CAPP and be prepared to support those efforts. If you have questions or need assistance, reach out to Allen Mosher (AMosher@publicpower.org) or Nathan Mitchell, APPA’s director of electric reliability standards and compliance, (NMitchell@publicpower.org).
Working together, we can share ideas and strategies for protecting access to reliable electricity.
Please Sign in to rate this.
Members of the American Public Power Association receive Public Power magazine as part of their annual dues payments. The subscription rate for non-members without the annual directory is $100 per year in the United States and $130 per year outside of the United States. A subscription that includes the annual directory is $200. The annual directory alone can be purchased for $150.
Public Power is published eight times a year by the American Public Power Association. Opinions expressed in single articles are not necessarily policies of the association.
The Sheridan Group of Hunt Valley, Md., is the authorized exclusive seller of reprints of articles published in Public Power magazine. Reprints may be ordered online.
For information about advertising, contact: Erik Henson, Naylor LLC, 352/333-3443.
Manager, Integrated Media
David L. Blaylock
Integrated Media Editor
Senior Vice President, Publishing
Jeanne Wickline LaBella
Robert Thomas III
- House passes pipeline review, electric transmission bills
- Report catalogues state net metering, DG actions in the second quarter
- Lawmakers hear about capacity market flaws, rising grid costs
- Hamilton Utilities’ urban forestry program boosts safety, reliability
- Kansas City BPU exceeds 45 percent renewable energy threshold
- Officials urge public power utilities to be prepared for cyberattacks
- Public power utilities recognized for high customer satisfaction
- SMUD board approves new Time-of-Day standard residential rates
- Report sees more than seven million plug-in EVs in U.S. by 2025
- Cyber Hygiene: Preventive Care to Avoid Electric System Decay