I attended the inaugural meetings of IEEE P2030 - Smart Grid, last week in Santa Clara. I had a discussion with a representative from a utility organization. He feels his constituency is too small to be governed by electric industry cyber security standards. He feels they will disconnect if they are mandated to meet these standards. On the other hand, the reason he was in Santa Clara is because his constituency is moving heavily into Smart Grid which requires you to be connected.
If you look deeper, this approach is scary. The utilities his organization represents are city-owned which range from very small to the city of Los Angeles. At the Senate Energy hearings several weeks ago, it was pointed out that New York City is also excluded from the NERC CIPs. Has NERC or the affected utilities informed their mayors and city councils they aren’t important in maintaining electric reliability because the NERC CIPs said they weren’t? There is only one utility I know that is doing the right thing- addressing cyber security to maintain electric reliability for their customers independent of the NERC CIPs.
You can’t have it both ways. If you want to be connected, you MUST meet cyber security standards.
Joe Weiss
