© 2019 InfraGard National Capital Region Members Alliance.  

WARRANTY DISCLAIMER  The FBI, InfraGard, and its affiliates provide information, including but not limited to software, documentation, training, and other guidance to be known as “materials.” The materials are provided as-is and we expressly disclaim any and all warranties, express or implied, including, and without limitation, the implied warranties of merchantability, fitness for a particular purpose, non-infringement, quiet enjoyment, and integration, and warranties arising out of course of dealing or usage of trade. You agree that, as between you and the FBI, InfraGard, and its affiliates, you are responsible for the outcome of the use of materials made available, including but not limited to adherence to licensing requirements, and taking legal and regulatory considerations into account. There is no guarantee of accuracy, completeness, timeliness, or correct sequencing of the information provided.

OFFICIAL LINKS

  • White LinkedIn Icon
  • Facebook Clean
  • Twitter Clean
Please reload

Recent Posts

I'm busy working on my blog posts. Watch this space!

Please reload

Featured Posts

Sector Chief Highlight: Martin Kessler

June 1, 2016

 

#1 Why is your sector considered critical infrastructure and why is it so important to protect?

 

One of the 16 critical infrastructure sectors identified within Presidential Policy Directive 21 (PPD-21 – “Critical Infrastructure Security and Resilience”) is the Energy sector, which is comprised of three interrelated subsectors—electricity, oil, and natural gas.  The Energy sector entails the production, refining, storage, and distribution of oil, gas, and electric power (but does not include hydroelectric and commercial nuclear power facilities and pipelines).

 

On a macro scale, the United States economy and modern society as we know it would not function without the outputs of the Energy sector.  As noted in the 2015 National Infrastructure Protection Plan (NIPP) Energy Sector-Specific Plan, the Energy Sector supplies fuels to the transportation industry, electricity to households and businesses, and other sources of energy that are integral to growth and production across the Nation.  Moreover, PPD-21 identifies the Energy Sector as uniquely critical because it provides an essential function across virtually all other critical infrastructure sectors.

 

On a more personal level, imagine how fundamentally different your typical daily routine (and by extension, your quality of life) would be without a source of energy to:

  • Heat or cool your home

  • Prepare your food

  • Enable the provision of healthcare

  • Provide sources of entertainment and communication

  • Fuel your transportation

 

#2 What are the biggest risks to your sector’s operations?

 

As summarized in the NIPP Energy Sector-Specific Plan, the most prominent critical infrastructure risks that are common across the electricity, oil, and natural gas subsectors include:

  • Cyber and physical security risks

  • Natural disasters and extreme weather conditions

  • An “aging” of both workforce and equipment/infrastructure

  • Evolving environmental, economic, and regulatory requirements

 

#3 Has your sector been in the news recently?

 

Due to its criticality to the global economy and markets around the world, the Energy sector is in the news on a regular basis.  More exceptional news coverage of late is surrounding the destructive cyberattack executed against three Ukrainian electric utilities on December 23, 2015.

 

The possibility of a cyberattack causing physical damage to electric system equipment first received widespread news coverage in 2007 when Idaho National Laboratory performed the Aurora generator experiment, in which a diesel generator was destroyed by a simulated cyberattack.  Over eight years later, this attack on the three Ukrainian utilities represents the first publicly acknowledged power outage resulting from a cyberattack.  Although this is significant in its own right, the overall impact of the attack was relatively low when gauged by the number of customers impacted (225,000 out of a Ukrainian population of over 40 million) and the duration of the power outage (less than 10 hours).

 

The investigation of the incident is still underway, but if you’d like to learn more, publicly available reports from the U.S. Department of Homeland Security (DHS) and the Electricity Information Sharing and Analysis Center (E-ISAC) and SANS provide insight into how the attack unfolded as well as mitigation strategies.

 

About the Sector Chief

 

Martin Kessler serves as Chief of Staff to the CIO at The AES Corporation, a Fortune 200 global power company.  Prior to his current role, Martin served as Senior Advisor, Global Cybersecurity, with responsibility for governance of AES’ global cybersecurity and business continuity management programs.  Martin has over 15 years of cyber and IT risk management consulting, auditing, and operations experience at a Big 4 accounting firm and a U.S. Government agency.  He has several security certifications, including the Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and GlobalIndustrial Cyber Security Professional (GICSP).

Please reload

Follow Us
Please reload

Search By Tags