As detailed in a recent U.S. News & World Report article, cybersecurity is one of the top worries of companies in the U.S. energy sector. The article quotes the annual Black & Veatch survey of the electric industry: “The industry is paying attention and actively seeking ways to bolster security practices to limit power system vulnerability.. We are seeing an industry that is actively moving forward with the deployment of comprehensive asset protection plans following several high-profile cyber and physical threat events.”
As observed in a recent Wall Street Journal Risk & Compliance Report, the National Institute of Standards and Technology’s cybersecurity guidelines for utilities, banks and other crucial industries serve as the baseline for what affected companies should be doing to protect their networks from attacks. And attacks on an electric facility and increased attention from regulators has fueled concern about safeguarding facilities. However, though potential cyberthreats are now the industry's fourth most worrisome issue (moving up from sixth last year), per the Black & Veatch survey, barely a third of utilities currently have the solutions in place to protect their infrastructure from attack. Because of the importance of the industry and its consistent operation, federal regulators adopted a new round of cybersecurity standards for the electric industry, which, along with the NIST standards spurred a higher demand for security assessments.
As the Black & Veatch surveys observes:
Foresight is forearmed. In an environment where threats are both real and virtual and physical damage can be triggered by natural forces or nefarious intent, the best approach is preparedness,” the report says. “There is not a single solution, but with an approach that addresses the physical elements of cybersecurity and the cyber elements of physical asset security, organizations will be better equipped and educated to manage the full spectrum of dangers.
With national practices in the Energy and Data Privacy & Cybersecurity areas, McDonald Hopkins attorneys are uniquely positioned to help address and avoid cybersecurity risks.