Last week a colleague of mine and I were at the GridWeek conference in DC, one of the more prominent of the many dozens of Smart Grid-related conferences happening every year and I said we'd share some findings here on the DOD Energy Blog. Well, without further excess verbosity, here they are, visiting from a sister blog, with excerpts:
... the great Smart Grid project could fail, or fail to thrive, largely based on its ability to get security reasonably right, and because adoption will be partially determined by industry and public perception of its safety. The finding that young Smart Grid companies, as represented here, have not prioritized security action, versus titling and responsibility, is a concern.
Hyperbole aside, we all know that the Smart Grid is an area of growing and inevitable security risk. If I'm a utility, and as such am a prospective new customer for a startup, and I'm held accountable to the highest security standards by those who regulate me, I'm going to be damned sure that I put prospective vendors through the ringer before bringing their technology in house. And if I'm a startup, while having a qualified security person on my staff is no silver bullet, our guess is they'll be more than worth their salary as the regulators press their security cases and the utilities/customers get more and more savvy about risk.By the way, as far as I was able to discern, I only found one rep each from DLA and DHS in attendance, with a handful from Lockheed, Northrop and Raytheon. Will be interesting to learn just how many in the Department are tasked with monitoring which way (and how hard) the Smart Grid winds are blowing, and how to position the DOD ship for maximum advantage.