A cyber attack on the North American power grid "could cause between $243 billion to more than $1 trillion in economic damage" according to a recent report published in Security Week. The Cambridge Centre for Risk Studies at University of Cambridge Judge Business School and Lloyd's simulated the risk of a cyber attack damaging 50 generators supplying the critical power grid along the East Coast and Washington D.C. causing a major blackout across 15 states potentially affecting 93 million people.
Cyber security threats to the grid's critical infrastructure are real. In an article in Forbes, Admiral Michael Rogers, Head of NSA & U.S. Cyber Command, noted that China and other unnamed nations have "the ability to launch a cyber attack that could shut down the entire U.S. power grid and other critical infrastructure." A report in Time covered an investigation by USA Today that analyzed public records, national energy data and records from 50 electric utilities. The analysis revealed that the U.S. national power grid faces physical or online attacks approximately once every four days.
The urgent need for more stringent standards to protect the Bulk Electric System (BES) of the North American power grid from this dramatic rise in cyber threats in recent years led to the latest North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standard Version 5. CIP V5 is much more extensive than previous standards, especially regarding cyber security and coverage of BES cyber assets.
An important reality check: Deadlines are approaching fast for submitting plans and demonstrating compliance with CIP V5 -- mandatory in April 2016.
Learn more about NERC CIP compliance Version 6.
Watch these webinars to learn more about NERC CIP compliance: Does Your Network Have the Essentials for NERC CIP V5 Compliance? and 'Tis the Season for NERC CIP V5 Transition Learn about the essentials you'll need to face these realities for power grid network security and compliance.