IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Biden looks to shore up the electrical grid’s cyber security

Participation will be voluntary, but incentives may push adoption

Power lines with a computerized grid surrounding them

The White House is readying a scheme to increase the cyber security and resilience of its electrical grid, according to a document verified by Bloomberg yesterday.

The plan, created by the National Security Council, is part of a longer-term strategy to secure several systems that are a part of critical national infrastructure, including water utilities and gas pipelines.

The electrical grid resilience plan will be largely voluntary to avoid resistance to regulation. It will carry incentives that will make it more appealing for electrical operators to implement protections.

Those protections include cyber security monitoring equipment and an assessment to identify sites that would present the most risk to the grid in an attack.

Incentives are reportedly still a work in progress but might include government funding for smaller utilities.

The plan will also extend Cyber Testing for Resilient Industrial Control Systems (CyTRICS), a partially classified plan that identifies vulnerabilities in the electrical grid that intruders could exploit.

There will also be an initiative to share cyber incident information with the US government, although the plan reportedly assures utilities they won’t need to share sensitive data.

The initiative will begin with a 100-day sprint followed by a process that will take years, according to the document that Bloomberg says could be released as early as this week.

In a startling move, the plan makes the Department of Energy the lead agency rather than the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), Bloomberg reported. CISA, which could soon have a new director, is supposed to be the go-to agency for protecting domestic infrastructure from cyber attacks.

Last month, the General Accountability Office (GAO) warned that the Department of Energy needs to do more to secure the electrical grid from attack, arguing that it had focused too heavily on protecting generation and transmission systems.

"The U.S. grid's distribution systems — which carry electricity from transmission systems to consumers and are regulated primarily by states — are increasingly at risk from cyberattacks," it said. "Distribution systems are growing more vulnerable, in part because their industrial control systems increasingly allow remote access and connect to business networks."

The US electrical grid has been a concern for some time. In 2019, the Xenotime hacking group, which created the Triton malware, extended its focus from the oil and gas sector to the US electrical infrastructure.

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download

Recommended

Best free malware removal tools 2022
Security

Best free malware removal tools 2022

22 Jun 2022
A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

16 Jun 2022
What is shoulder surfing?
social engineering

What is shoulder surfing?

10 Jun 2022
CIAM buyer’s guide
Whitepaper

CIAM buyer’s guide

6 Jun 2022

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
Swift exit: How the world cut off Russian banks
finance

Swift exit: How the world cut off Russian banks

24 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022