Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Networking

    Federal Agency Needed to Take Charge of Nation’s Power Grid, Says MIT

    By
    Fahmida Y. Rashid
    -
    December 6, 2011
    Share
    Facebook
    Twitter
    Linkedin

      A single federal agency should be in charge of defending the nation’s critical infrastructure from cyber-attacks, and not the patchwork of organizations currently in charge, according to researchers from the Massachusetts Institute of Technology.

      In a 268-page report on thefuture of the United States electric grid through 2030 released Dec. 5, a team of MIT researchers recommended that a single federal agency have the appropriate regulatory authority to be responsible for cyber-security preparedness, response and recovery. The report looked at ways to safeguard the power grid, the need for utilities to switch to smart meters and improve the grid’s efficiency, and funding for research and development to develop procedures for responding to cyber-attacks, among other things.

      Cyber-attacks will happen, but a single agency would be better able to address the problem rather than several federal, state and local entities responsible for various parts of the grid trying to coordinate with each other, the researchers wrote. Such a mishmash of organizations are not working together, even though cyber-security regulations for bulk power systems already exist. However, the researchers noted that local distribution utilities are not subject to these regulations.

      “This lack of a single operational entity with responsibility for grid cybersecurity preparedness as well as response and recovery creates a security vulnerability in a highly interconnected electric power system comprising generation, transmission, and distribution,” the researchers wrote.

      No single agency has responsibility and authority for the entire grid, although the Obama administration and members of Congress have stated that the Department of Homeland Security should take the lead role. Other members of Congress have suggested that the Department of Energy or the Federal Energy Regulatory Commission should be in charge. There have even been discussions of putting the Department of Defense in charge. Gen. Keith Alexander, head of the National Security Agency and commander of U.S. Cyber Command, recently said any government action in cyberspace must be led by the DHS, with regular reviews to ensure that civil liberties and privacy are protected.

      A new bill that would clearly outline the Department of Homeland Security’s role as the lead federal agency protecting critical infrastructure from cyber-attacks will be introduced next week, Rep. Dan Lungren, R-Calif., chairman of the House Homeland Security’s Cyber-security, Infrastructure Protection and Security Technologies Subcommittee said Dec. 6. He did not expect the subcommittee to have time to mark it up and approve it before the end of the year.

      New House Bill Taps DHS to Handle Infrastructure Security

      Lungren said his bill would “make very explicit who should be in the driver’s seat” when it comes to securing critical infrastructure. “In the civilian capacity, it ought to be DHS. This is such an important issue. It should not be left vague,” he said.

      The bill offers an alternative to the Rogers-Ruppersberger legislation approved last week by the House Intelligence Committee that would allow government agencies to share classified intelligence about cyber-attacks and threats with the private sector. Lundgren’s bill would create a nonprofit National Information Sharing Organization to coordinate cyber-intelligence sharing between critical infrastructure operators, private companies, educational institutions and government agencies. NISO’s board would be made up of 10 private-sector individuals representing critical infrastructure stakeholders and five federal officials, selected by the Secretary of Homeland Security.

      The fact that the bill puts a civilian agency in charge of cyber-security instead of the Defense Department is reassuring, Gregory Nojeim, a senior counsel for the Center for Democracy and Technology, said in his congressional testimony. While praising the absence of the “kill switch” for the Internet in which the government could shut down access online, Nojeim is still concerned about the extent of information that companies would share with the government. He recommended limits on the types of data that could be shared.

      In the MIT report, researchers acknowledged that cyber-attackers will succeed at some point. “Perfect protection from cyber-attacks is not possible,” they wrote. “It is thus important for the involved government agencies (i.e., NIST, DOE, FERC, and DHS), working with the private sector in a coordinated fashion, to support the research necessary to develop best practices for response to and recovery from cyber-attacks on transmission and distribution systems, so that such practices can be widely deployed,” the researchers added.

      Fears about an attack on critical infrastructure have been around for years, but recently gained more attention as weaknesses in the supervisory control and data acquisitions systems monitoring infrastructure and other industrial control systems were identified. Just recently, an FBI official told attendees at a security conference in London that cyber-attackers had remotely breached the critical infrastructure of three U.S. cities but had not done anything malicious.

      A 2011 report from the Electric Power Research Institute found that about $3.7 billion in investment would be needed to protect the grid from cyber-attacks, according to MIT researchers.

      “Despite alarmist rhetoric, there is no crisis here. But we do not advise complacency,” the researchers wrote.

      Fahmida Y. Rashid
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×