U.S. Power Producers Seeking to Stem Grid Cybersecurity Threats

February 25, 2016

Harry Weber

With cybersecurity becoming a topic of ever-increasing visibility and importance, information security professionals ask what protection they have when they make potentially unpopular disclosures of cybersecurity issues. Though no whistleblower retaliation statute deals directly with the topic, the Sarbanes-Oxley Act will often protect cybersecurity professionals who work directly for public corporations or those corporations’ service providers. Yet further, the Dodd-Frank Act could allow information security workers to receive a whistleblower reward for reporting cybersecurity concerns to the SEC or CFTC, in some cases.

However, the relationship among cybersecurity issues, SOX, and the Dodd-Frank Act is not yet clearly defined. Accordingly, information security professionals should educate themselves about whistleblower protections. Doing so could make the difference between being protected, receiving a whistleblower reward, or suffering retaliation without recourse.

- See more at: http://www.natlawreview.com/article/protections-and-rewards-cybersecurity-whistleblowers#sthash.Nu5uovJe.dpuf

Exelon Corp. and other major U.S. power producers are in discussions with regulators and stakeholders on a detailed plan for preventing and responding to cyberattacks designed to disrupt the country’s electric system.

Unresolved questions in the talks include who is in charge and would substations that are hit be considered a crime scene, said Exelon Chief Executive Officer Christopher Crane during a Thursday panel discussion at IHS CERAWeek in Houston.

"Think about the civil unrest in Philadelphia and Baltimore and some of the communities we serve if you have multiple days of power not flowing," Crane said.

The debate comes as U.S. power grids are upgraded from an analog to a digital system, raising the potential that the systems that manage the flow of electricity to millions of Americans could be shut down by a cyberattack. Among the challenges are differences in security requirements across the country and the world, how the grids share power in times of high demand and the massive task of bringing together industry, government and the technology community to find solutions.

Read Full Article