From Unfettered...:
"Next Thursday, the NERC Critical Infrastructure Protection Committee (CIPC) will have a session on Aurora - the Idaho National Lab demonstration of destroying a diesel generator via a cyber attack. The session will include utilities and vendors. The same day, 500 miles away, PowerGen will be holding a mega session on security. Aurora is a vulnerability unique to rotating equipment which means power generation. The NERC CIPC is not composed of power generation experts. PowerGen is arguably the largest power generation conference of the year. "
What's wrong with this picture? Why isn't NERC holding that session at PowerGen, where all the executives are?
Especially since influential executives in the power generation field continue to insist that there is no cyber vulnerability in power generation, and even that there has never been an identified cyber attack on a power generating facility.
Of course, that's quite simply not true. But power company executives are out there, head in the sand, saying things like that with a straight face. Who do they think they are going to fool? The regulators? The black hats? "If we insist it didn't happen, then it didn't? I tell you three times, so it must be true?" That didn't work when I was five, so why would I think that might work now?
Leaders relevant to this article: