The Federal Energy Regulatory Commission (FERC) is tasked with keeping our electric grid safe and maintaining reliable and secure energy for U.S. consumers. On January 20, FERC issued a Notice of Proposed Rulemaking (NOPR) that proposes to strengthen its Critical Infrastructure Protection Reliability Standards by requiring internal network security monitoring for high and medium impact
cyber-attacks
GAO Report Identifies Need for DOE to Address Risks to Electrical Distribution System
The United States Government Accountability Office (GAO) recently completed and published a study on electricity grid cybersecurity that concluded that the Department of Energy (DOE) needs to ensure its plans fully address risks to electricity distribution systems.
The GAO completed two prior studies of the generation and transmission functions of the electricity grid and found…
The Effect of a Biden-Harris Presidency on Privacy in the U.S.
How will a Biden-Harris presidency affect the U.S. privacy landscape? Let’s take a look.
Federal Privacy Legislation
On both sides of the political aisle there have been draft proposals in the last 18 months on federal privacy legislation. In September, movement actually happened on federal privacy legislation with the U.S. Setting an American Framework to…
Sammamish, Washington Declares Emergency After Ransomware Attack
I was a speaker at a recent conference of municipalities in a state last week, and during my presentation, I mentioned the various cyber-attacks that have affected cities, towns and educational departments in the U.S. (Atlanta, GA; Farmington, CT; West Haven, CT; Leeds, AL; Yarrow Point, WA; and Leominster, MA to name a few). Little…
California Law IoT Devised to Have “Reasonable Security Feature”
On September 28, 2018, California passed Senate Bill No. 327, Chapter 886, which regulates the security of all internet of things (IoT) devices sold in California. Collectively, IoT broadly refers to all internet-enabled devices and includes everything from doorbells and lamps to cell phones and wearable devices. This bill, beginning on January 1, 2020, will…
Privacy Tip #126 – Employee Training and Education Continues to be “Best” Cyberdefense
It is a myth that employees hate training and education. I have seen it with my own eyes. It is very exciting to watch an audience visibly cover their mouths when real life stories are told about cyber-attacks and phishing incidents that employees’ conduct cause because they are working too fast, not paying attention to…