As the smart grid evolves from centralized energy generation, we see evolving threats such as market manipulation, cascading failure modes and other impact scenarios, says Sorebo, chief cybersecurity technologist at Leidos, a science and technology solutions vendor.
But as organizations start to address these vulnerabilities, they must be careful not to overlook basic preventive measures such as ensuring accurate data throughout the information chain.
"Even if that [data] isn't directly controlling something, people may rely on that information for other things," Sorebo says. "So make sure that information is accurate, or that there's a sanity check that people are doing - that you're not completely relying on the machine for everything."
In an interview about smart grid security, Sorebo discusses:
- Key threarts and vulnerabilities;
- Risks to utilities and customers;
- New security recommendations he will discuss at RSA 2014.
Sorebo is a Chief Cybersecurity Technologist for Leidos, where he assists government and private sector organizations in addressing cybersecurity risks and complying with legal and regulatory requirements. He has been working in the information technology industry for more than 20 years in both the public and private sector. In addition to federal and state governments, Sorebo has done security consulting in the financial services, health care and energy sectors. He is currently responsible for coordinating cybersecurity activities in the energy sector company-wide. He has been the co-lead of Leidos' Smart Grid Security practice, where he established the Smart Grid Security Solutions Center for product security testing and solution development and contributing to a variety of other smart grid security research efforts. He also recently co-authored a book on Smart Grid Security that was published in December 2011.