On Friday, the U.S. President signed an executive order that prohibits the use of bulk power system equipment from foreign companies that could put the U.S. electric utility system at risk.
Declaring a national emergency, the Executive Order on Securing the United States Bulk Power System authorizes Energy Secretary Dan Brouillette to prohibit federal agencies and U.S. entities from acquiring, transferring or installing bulk power system equipment in “which any foreign country or foreign nation has any interest and the transaction poses an unacceptable risk to national security.”
President Trump’s latest Executive Order:
- Prohibits certain transactions involving bulk-power system electric equipment developed, manufactured or supplied by a foreign adversary.
- Establishes a cross-agency task force to protect the power grid from attacks and share risk management information to prevent interference. Task force members will include the secretaries of commerce, defense and homeland security, as well as the director of national intelligence.
In line with this order, the energy secretary may establish a “pre-qualified” list of safe vendors. He is also tasked with identifying equipment currently in use in the bulk power system that poses a risk, and working to remove and replace that equipment.
The Presidential Executive Order on Securing the United States Bulk Power System prohibits equipment manufactured by a company under the control of a foreign adversary, and equipment that poses a national security threat, from being used within the U.S. power grid.
While the order does not call out any specific foreign adversaries by name, in the past, national security officials have acknowledged that Russia and China have the ability to disrupt the operations of electric utilities and gas pipelines. In the case of Friday’s executive order, a senior department official told The Wall Street Journal “the administration is taking action specifically because of those prior efforts to infiltrate U.S. electric and natural-gas systems.”
As nation-state threats to the U.S. power grid continue to mount, this executive order, and significant industry support for it, is a step in the right direction. We are encouraged to see an increased focus on ensuring the bulk power system is secure and reliable. Knowing that our enemies have the Nation’s power supplies in their sights, it only makes sense to have a process for reviewing – and the authority to block – the purchase of key components from adversary nations.
This order recognizes the importance of grid infrastructure and electric power in our daily lives, national security and developed economy. It empowers the U.S. energy secretary – in consultation with the secretary of defense, secretary of Homeland Security, head of national intelligence and other U.S. officials – to strengthen our utility defenses against attacks or supply-chain disruption by adversary countries. And it makes it easier to quash attack vectors like backdoors and trojans that could be implanted in foreign-sourced infrastructure equipment.
Declaring Power Grid Security a National Priority
As is often the case when we see these types of government actions, it’s important to acknowledge this executive order is just a start. The details of implementation will be important. Working to identify, remove and replace nonconforming equipment will not be an easy task. Utilities will need clarity around what transactions require approval or can be reviewed, and what that process looks like.
The energy secretary and his task force will need to take precautions to ensure grid operators are not tied to specific vendors or forced to rebuild systems to accommodate the order without a legitimate threat. And it will be important to ensure that the implementation is based on actual security and reliability requirements and does not become a bargaining chip for broader bilateral or political purposes. Additionally, the executive order does not address some of the largest security problems in electric cyber environments, including a lack of visibility in networks, the need for enforceable national standards, and clarity on how to address legacy infrastructure.
At the end of the day, no single measure can guarantee security or reliability. While this order can be a step in the right direction, owners and operators of our electric grid must continue to do their part to strengthen the security and resiliency of key infrastructure.
How Nozomi Networks OT and IoT Security Solutions Can Help
As utilities begin to digest this latest executive order and its implications on their current and future infrastructures, Nozomi Networks is ready to assist. Our OT and IoT security solutions help organizations gain insight into the vendors they have operating within their facilities, and identify the location of equipment not in compliance with the executive order.
Our Asset Inventory capabilities are the starting point for identifying manufacturers. Beyond that, any equipment, regardless of country of origin, could fall victim to attack. Nozomi Networks solutions help identify attacks, aid in understanding the impact on devices controlling the power grid, and strengthen the security posture of systems that may be threatened. And because nation-state actors often work with an enhanced set of competencies that require advanced solutions such as anomaly detection, Nozomi Networks OT and IoT security solutions support monitoring of the operational processes themselves for attacks, anomalies and non-typical attacks.
Armed with an outstanding track record of matching technical capabilities to market needs, Edgard Capdevielle has been a rainmaker in security, data center and cloud storage for many years. He is often invited to share his unique insights as a keynote speaker and panelist at industry and cyber security conferences worldwide. As CEO of Nozomi Networks, Edgard is deeply committed to protecting our critical infrastructure from escalating threats, and helping industrial organizations address their complex network visibility and cyber security challenges.