WASHINGTON, D.C. – October marks the start of the Cyber Security Awareness Month “Do Your Part. #BeCyberSmart” campaign. As always, NERC’s Electricity Information Sharing and Analysis Center (E-ISAC) urges industry to continue being vigilant and proactive and to enhance its cyber security posture. According to Manny Cancel, NERC’s senior vice president and CEO of the E-ISAC, while cyber security has been a top priority in the electricity industry for the last decade, this past year has been differentiated by the sheer volume, diversity, and sophistication of events. “As of now, this trend shows no sign of abating with high-profile ransomware and hacks, such as SolarWinds, Colonial Pipeline, Microsoft, and Kaseya, impacting our economy and capturing headlines,” Cancel says.
These events bring into sharp focus the risk of a compromise moving laterally from an enterprise’s corporate environment into its operational network, with the potential to impact bulk power system reliability. While NERC is not aware of any resulting bulk power system reliability issues, Cancel cautions the need for continued vigilance and preparedness and the importance of initiatives like Cyber Security Awareness Month. “NERC and the E-ISAC are hugely supportive of dedicating a month to call attention to and raise awareness of the importance of cyber security across our nation. Reminders like this reinforce the need for continued vigilance against threats including phishing attacks and ransomware,” Cancel noted.
The E-ISAC encourages its members to practice good cyber hygiene, apply security patches as soon as possible, and share cyber incident information with the E-ISAC.
