As described by an article titled “Protecting the grid” in Virginia Business magazine here, Virginia has a lot at stake when it comes to protecting its power grid from cyber attacks.
A high concentration of military assets, bases, contractors and industry that supports the Department of Defense highlights the risk
In Hampton Roads, the presence of the world’s largest naval base — Naval Station Norfolk that harbors the Fleet Forces Command for the U.S. Atlantic Fleet — underscores how vital the power grid is to operations of Virginia’s 29 military installations.
Not far from Naval Station Norfolk is the Port of Virginia, which features one of the deepest U.S. harbors along the Atlantic Coast. The port is ranked fourth in exports, 17th in imports and eights overall among all U.S. ports in terms of total trade by tons of cargo.
Another prominent user of the power grid in Hampton Roads includes Huntington Ingalls Industries in Newport News, which contracts for shipbuilding with the U.S. Navy and U.S. Coast Guard. The Virginia Business article also highlights how northern Virginia is at the hub of of federal government operations, with other federal properties scattered across the commonwealth.
Our own Darek Dabbs, CIO for Serra-Brynn, made it clear what’s at stake in Virginia when it comes to the power grid.
“What makes us vulnerable in Virginia is the critical infrastructure the electric companies supports,” he told Virginia Business. “Let’s put this in military terms: Bombs and soldiers don’t win wars. Economies win wars. Knock out a country’s power and you knock out its economy. That’s how you win in a negotiation.”
The article points out that a dependable electricity supply touches every aspect of our society. It describes how “in a world increasingly connected by electronics, new omens of violence loom on the horizon, both physical and in cyberspace. Terrorists and computer hackers pose hazards to a secure electricity supply. Mirroring trends globally, Virginia producers are investing time and money to stay ahead of the bad guys.”
According to the article, which quotes statistics from the U.S. Department of Homeland Security (DHS), data that highlights the peril includes:
—Reported cyber incidents were up 20 percent in 2015 over the previous year;
—The energy sector reported the second-highest number incidents.
Our stance is simple: All businesses have to be prepared for the inevitability of data breaches. It’s particularly vital in the power sector, especially considering the dependence of national defense on electricity supplies.
A Sera-Brynn cyber risk assessment directly addresses this by going beyond penetration testing and evaluating how effectively all of the security measures — including people — currently employed within your business are working. Any gaps will be documented along with their associated risks to the business as well as options for mitigating them.
The benefits of a cyber risk assessment includes three questions that apply directly to the issue of protecting the grid. These include:
—Assessing vulnerabilities and risks and understanding how to mitigate them;
—Meeting industry and government security compliance standard and then getting there cost-effectively;
—Once the vulnerabilities are identified prioritizing them.
The warning signs are all around us about the vulnerabilities to cyber attacks. They cannot and must not be ignored because the stakes are way too high to be uninformed and negligent.