The Cybersecurity & Infrastructure Security Agency (CISA) reports that a large number of cyber-attacks occur on cyber-physical systems for which a computer and ancillary sensors are used to control the infrastructure. An industrial control system strategy is required to improve grid resiliency, secure operations and better manage potential cyber risks.
The Power Grid Cyber Security: Challenges & Opportunities panel discussion, hosted by the NYU Center for Cybersecurity at NYU Tandon on August 4th, 2021, discussed various ideas to secure the transmission grid, distribution networks, and the supply chain (including hardware, firmware and software); the benefits of unifying state cybersecurity protocols; and the role of cyber education and workforce development in helping secure operations against cyber threats.
The topics discussed included:
- Vulnerabilities of an international supply chain
- The role of power utilities in the Department of Energy’s 100-Day Plan
- The development of secure software development protocols with a software bill-of-materials
- The importance of workforce development and cybersecurity training and a review of required skills to protect the power industry
- The benefits of industry collaboration to assure seamless protection
Yury Dvorkin, Assistant Professor and Goddard Junior Faculty Fellow in the Department of Electrical and Computer Engineering at NYU Tandon with an affiliated appointment at NYU’s Center for Urban Science and Progress, co-moderated this panel alongside Frank Vallese, Director of Industry Partnerships at NYU Tandon. Farshad Khorrami, Professor of Electrical and Computer Engineering, was one of the six panelists speaking in the webinar. Also participating: Chris Murphy, U.S. CISO National Grid; Joe Cummings, Cybersecurity Program Lead, New York Power Authority; Dr. Michael Locasto, Narf Industries; Ashif Muhammad, Siemens; and Mikhail Falkovich, CISO, Con Edison.
“It’s not always easy to look at the specific vulnerabilities that come up, because people do not want to give that kind of information out for security purposes,” said Khorrami after being asked about the current gaps in the academic and industrial viewpoint.