, SecurityFocus 2003-04-10
A new measure aims to protect the networks that control electric power distribution throughout North America. But not everyone is juiced over plans to hold utilities accountable to tight security practices.
Expand all |
Post comment
"The alternative is to the have the NSA and NIST, or somebody who manages rates, FERC, basically coming in without really understanding what the electric power business is all about."
While I contend that NERC leadership and oversight in cyber security is preferable to that of a truly governmental agency (i.e., NSA, NIST, FERC), I do not contend for a minute that "FERC...[does not understand] what the electric power business is about." And as far as NSA and NIST go, my perspective is that there's a reasonable probability that they may "come in" without a good appreciation of the historical context of - the evolution of - the electric power business. This is very important to understanding how we got to where we are now, and how quickly we can re-orient to advanced infosec methods. What's more, these comments only pertain to the control systems infrastructure, and not that of "IT" within the very same organizations...
Thanx...
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/3871/19309#19309