According to a recent report sponsored by the Department of Energy (DOE), the U.S. power grid is under threat from nation-states, organized crime syndicates, hacktivists, and terrorists. More needs to be done to protect the nation’s power grid and mitigate these threats.
A little more than ten years ago, a tree branch triggered one of the worst blackouts in U.S. history affecting around 50 million people; about a year ago, the effects of Hurricane Sandy caused widespread outages in NYC. Today, the electrical power grid continues to be a prime concern for the government and private utility companies.
The grid’s problems handling “natural disasters” make the threat of sustained and purposeful disasters even more disconcerting. Possible man-made threats stem from cyber attacks as well as electromagnetic pulse (EMP). The DOE is not alone in its concern; a recent survey by National Geographic revealed citizens do not have confidence in the grid’s security or in the government’s level of readiness. Three-quarters of the survey’s respondents expect the U.S. to face a “catastrophic cyberattack” during their lifetime, and over 50 percent believe the U.S. is unprepared for such an attack.
The DOE-sponsored study shows a number of ways in which power-grid networks are vulnerable to foreign or domestic threats. Indeed, North Korea is currently pursuing EMP technology and views cyber attacks as general-use weapons to target key institutional and infrastructure systems. Iran and various non-state actors could also pose a direct threat to U.S. grid security.
Importantly, investing in security means investing in people. U.S. power companies should provide continuous cybersecurity training to personnel to improve grid security. Instead of top-down mandates, Congress should empower local and private entities to educate citizens and employees in cybersecurity.
Grid security also depends on a culture of leadership. This means educating executives and company boards about cybersecurity. A recent Ernst & Young survey shows senior business leaders’ increasing involvement in cybersecurity. An upcoming Heritage report will focus on how to encourage utility leaders to learn about cyber threats and improve grid security.
Heritage’s report will also show the need for information sharing to reduce costs and minimize threats to businesses, while increasing an executive’s decision-making abilities. Congress should build off private initiative and enable effective information sharing about the current threats against the power grid.
Congress should thoughtfully address these issues before the lights go out.
Brett Ramsay is currently a member of the Young Leaders Program at The Heritage Foundation. For more information on interning at Heritage, please click here.