Thursday, May 08, 2014

For Utilities and Their Suppliers, Lack of Communication Is Opening for Cyberthreats

Defense Secretary Leon E. Panetta did not say who was believed to be behind the so-called Shamoon virus. (Credit: Thierry Charlier/AFP/Getty Images) Click to enlarge.
The cyber peril to energy companies and their vendors has brought forth a tide of regulations, industry standards and voluntary guidelines, but these are not enough, speakers at the Utilities Telecom Council's convention here said.

 "We're drowning in risk management frameworks," said Ronald Ross, a fellow at the National Institute of Standards and Technology.  "We're drowning in controls."

 "We have all the tools we need, but where we are having difficulty is applying those tools to actually make a difference," he added.

 The missing piece is communication, a prerequisite for trust, he and other speakers said: the need for frank -- and sometimes difficult -- conversations about who has responsibility for ensuring that software, equipment and systems are cyber protected and responding when threats inevitably break through.

 "This is not a tools or framework problem.  This is a problem that is cultural," Ross said. "It's the way we do business today."

 For Utilities and Their Suppliers, Lack of Communication Is Opening for Cyberthreats
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)