Tuesday, March 1, 2011

Smart Grid Security East - Underway on Day One with a NISTIR 7628 Progress Report

My but how this conference has grown since its preprocessor in San Jose last year. Hundreds of folks in the hall this morning to hear Erich Gunther's welcome message, and now we've got these folks on stage talking 7628:
  • Bill Hunteman, DOE
  • Annabelle Lee, EPRI
  • Daniel Thanos, GE
  • Sandy Bacik, Enernex
  • Mike Coop, ThinkSmartGrid (moderator)

Annabelle mentioned she likes Daniel's phrase - thinking about securing the grid from "toasters to turbines."  I'm paraphrasing here, but Daniel, hesitant to put all our security eggs in the NISTIR 7628 (or any other regulatory) basket, got the following across:
Security is a very dynamic space. Regulation can actually degrade security.  It freezes our approaches to a moment in time, while threats continue to change so quickly. Rather we should seek to help folks think better so they can adapt to threats as they evolve.
Then Bill said (my paraphrase again):
I challenge each of you coming to collaborate - let's see if we can reach an agreement, as a community, on what it means to protect the grid. Everyone back in DC still doesn't have a common definition on what this means, and that's really hampering progress.
Someone then asked a question on how we are measuring (and therefore demonstrating) progress to leadership in Washington and elsewhere, while noting that the previous point on not having a common definition to work from is a factor. The answer to that wasn't that completely clear, and my bet is it's likely the question on measurement will be asked again before this conference is through.

To be continued ...

No comments: