You Sure You Want a Smart Grid?

Just one question for you. If this is how grid operators deal with risk pre-smart grid, how the heck are they going to secure the web enabled, bi-directional communications world coming at us with a gathering head of steam?

The North American Electric Reliability Corporation (NERC):

... is asking operators to take another look at their risk assessment methodologies and conduct a new evaluation of critical assets and associated cyber assets. Too many organizations are starting their evaluations with the assumption that no system is critical until it is proved to be so. [NERC CSO] Assante suggested that they reverse the process and assume that every system is critical until it can be demonstrated otherwise.

You don't have to be a security expert to smell several rotten things in these few pages. More on this to follow ...