Paul Feldman, technical director for Protect Our Power and former chairman of the Midcontinent ISO, took our questions regarding the organization’s Best Practices in Utility Cybersecurity conference set for Feb. 4 in New Orleans on the eve of DistribuTECH.
DTECH: What prompted Protect Our Power to hold this conference?
PF: Early in 2018 we identified a need for a professional, transparent, independent development of Best Practices for cyber and physical security to protect the grid. By Best Practices we mean approaches to grid security that are over and above NERC Critical Infrastructure Protection standards and more aggressive at protecting the grid.
DTECH: Who should attend?
PF: Anyone interested in participating in the process of developing Best Practices in security, or learning about how the project will develop over time. Attendees will be briefed on seven Best Practices but will also have access to all the ongoing research and materials related to Protect Our Power’s Best Practices approach.
DTECH: What value can attendees expect to derive from it?
PF: An understanding of Best Practices in areas identified on the agenda, and participation in an ongoing process to focus on Best Practices in the industry.
DTECH: Explain the significance of the Energy Harvey Ball Project that is part of this conference?
PF: The Energy Harvey Ball Project is an ongoing, independent, transparent project to identify, surface, and communicate Best Practices for security in utilities. A taxonomy of topics (circa 100) and vendors has been identified and various educational institutions are involved to support the effort. Protect Our Power will facilitate the project in concert with interested partners.
DTECH: What would you like the enduring aspect of this conference to be?
PF: The conference is a start of a permanent effort to better focus the utilities on the adoption of Best Practices. These Best Practices change over time, driven by a number of factors. Therefore, the Protect Our Power effort will be flexible as well as expensive (covering many areas of security). A key benefit will be the sorting out of vendors in the space to help Utilities focus in the face of more than 1,000 suppliers in this area.
DTECH: Is there anything else we should know about this event and/or Protect Our Power’s plans for 2019?
PF: While the conference is a start, between the annual conferences – Protect Our Power will host webinars – each focused on a different security topic and Best Practices. Each webinar will kick off a larger process involving educational institution partners to play an independent role in further researching each topic and making the results available to the utilities.