Network Security News

Cybersecurity standards for grid don't go far enough, critics say

Thursday, April 30, 2009

Some network security experts yesterday questioned the effectiveness of a bill being submitted in Congress today that seeks to secure the nation's electric grid from hackers and foreign spies.

The bill, announced on Wednesday by homeland security committee chairmen Joseph Lieberman in the Senate and Bennie Thompson in the House, would give powers to the Federal Energy Regulatory Commission, or FERC, to issue new orders or rules in the event of a national security threat.

Called the Critical Electric Infrastructure Protection Act, the bill would require FERC to issue updated regulations within 120 days of enactment. Under current law, a nongovernmental organization, the North American Electric Reliability Corporation (NERC), develops standards for power plants and transmission companies for FERC approval.

Michael Jacobs, a former cybersecurity official at the National Security Agency, said the bill doesn't go far enough in compelling owners and operators of power plants to take more safety measures, according to a report on Nextgov.com.

"The bill focuses entirely on requirements of the government - there's nothing in there that obligates or enables the owners and operators of these facilities to upgrade their security," Jacobs said, Nextgov.com reported. "There ought to be an obligation to put in place the necessary barriers to prevent an intruder from getting to the control systems themselves."
ADNFCR-1765-ID-19149024-ADNFCR

Related News:

Zeus botnet performs MySpace spam campaign to spread itself further - 11.20.2009
A sophisticated Trojan dubbed "Zeus" has sent a flood of email messages to MySpace users in an attempt to propagate itself onto more computers, according to researchers at the University of Alabama at Birmingham.

Experts dissect Chrome OS security features - 11.20.2009
Yesterday's release of Google's groundbreaking new cloud-based operating system, Chrome OS, has caused a stir in techie circles, with experts of all stripes rushing to examine the product and issue their judgments.

Microsoft counts Chrome coup with discovery of security flaw - 11.20.2009
Security researchers at Microsoft recently discovered a security vulnerability in Google's controversial Chrome Frame for Internet Explorer, a browser plug-in that simulates Chrome functionality within an Internet Explorer session.

iPhone user sues games maker, claiming to have found hidden spyware - 11.18.2009
An iPhone gamer filed a federal lawsuit against mobile game programmer Storm8 today, alleging that the company violated his privacy by including hidden code in its games that gathered his personal information without permission.

Government watchdog warns of possible IT leaks at Los Alamos - 11.16.2009
The Government Accountability Office has issued a report on data security at the Los Alamos National Laboratory which says that sensitive and highly classified information is vulnerable to outside access.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now