Next Big U.S. Threat? Cyber Attack on the Smart Grid

Federal agencies need to strengthen cybersecurity guidelines and improve oversight of industry efforts to secure smart grid systems and networks, according to a new report from the Government Accountability Office (GAO). While energy companies are using information technology to make the electricity grid more efficient and reliable, those technologies also are creating security vulnerabilities. Federal standards for identifying and mitigating security risks are inadequate, GAO said in a report. The watchdog found that while the National Institute of Standards and Technology developed and issued cybersecurity guidelines as a result of the Energy Independence and Security Act of 2007, they do not deal with key issues, including the risk of attacks that involve both cyber and physical means. Until the missing elements are addressed, there is an increased risk that smart grid implementations will not be secure as otherwise possible, GAO said. GAO also found the Federal Energy Regulatory Commission lacks the ability to enforce standards.