Smart Grid Could Revamp Security Initiatives In The Tough Economy

What is a Smart Grid? It's an interconnected network of electric stations, substations, and meters that communicate with one another and exchange information. The concept utilizes wireless sensor networks, software, and computing to enable utilities to see how much and where energy is being consumed, and if there are problems or blackouts in the network. More importantly, it lets customers manage their electricity consumption. But what does it mean to security and risk management? President Obama has called for the installation of 40 million smart meters and 3,000 miles of transmission lines. This means that technology vendors like Cisco Systems and IBM will be front line players in implementing networking intelligence for the electric system.

Specifically, Cisco has announced its intentions to provide an end-to-end networking platform to put the President’s plan in action. Essentially, Cisco will work with city municipalities and utility providers to revamp networking infrastructure with routing & switching and security technologies. The result could be constantly connected meters that exchange information with the utility providers and customers. Thus, building an inter-network of energy databases that will improve delivery and quality of electricity.

There are important security implications to this initiative. Utility provider’s physical equipment is light years away from being secure. Forrester has seen some interest among municipalities regarding how to secure their meters by fingerprinting and tracking them. But the Smart Grid plan will need to scrutinize important security measures like tracking, monitoring, and managing the endpoints at all times. It will need to perform asset management and make sure that authorized users are accessing the data. Moreover, establishing a robust alert mechanism that notifies IT staff of events and security breaches. Since information is going through many handoffs, compliance requirements could dictate how this information is used and how to enforce these requirements in due course.

Many security technologies can be employed to secure a hybrid infrastructure that will involve communication with the utility provider and public network, such as NAC, IPS, IAM, and VPN to name a few... More importantly, this initiative will thrust NAC to success, much like healthcare has revamped wireless and PCI has revived the SIM and IPS markets. If this initiative picks up the pace, many security vendors would need to be involved to deliver a secure infrastructure.

Enabling a robust and secure infrastructure could mean 1) better service for customers and 2) upgrading utility providers and municipalities network infrastructure that is efficient and less error-prone. 

Do you think the Smart Grid project will help revamp security initiatives?

Will Cisco's announcement have an impact on the network security market? 

Categories:

Comments

re: Smart Grid Could Revamp Security Initiatives In The Tough E

"Do you think the Smart Grid project will help revamp security initiatives?"Sure will. The rumor is that somebody just figured a way to hack into a SmartMeter and crash the whole regional electric grid...

re: Smart Grid Could Revamp Security Initiatives In The Tough E

In their security and risk blog last week, Forrester identified the need for end-point security when implementing IP enabled SCADA networks in the “smart grid”. This is certainly a good call given the risk of inadvertent or inappropriate use of the network by end users. The larger view of security, however, should go beyond just end-point security into multiple layers of risk control...http://betterriskmanagement.blogspot.com/2009/05/scada-networks-and-end-point-security.html