Cybersecurity group pushes utilities to step up their identity security game


Electric utilities must and can now find ways to tighten up their networked controls over power generation, distribution and transmission, a government group focused on cybersecurity reported Tuesday.

The National Cybersecurity Center of Excellence has released a practice guide on “Identity and Access Management (idAM)” tools and solutions available for security engineers. It offers what the NCCEE says are ways for utilities to implement a centralized idAM platform which identifies all the system’s users involved in all the company’s control systems.

“Our conversation with utility company employees confirmed that current (idAM) implementations are often decentralized and controlled by numerous departments within a company,” the NCCEE executive summary reads. “Several negative outcomes can result from this: An increased risk of attack and service disruption, inability to identify potential sources of a problem or attack, and a lack of overall traceability and accountability regarding who has access to both critical and noncritical assets.”

The challenge is greater now while the utility industry is trying to enhance older grid infrastructure in response to emerging technologies and new devices, according to the report.

The NCCEE is a part of the U.S. Department of Commerce’s National Institute of Standards and Technology. The report says that these solutions are commercially available to utilities and also released a lengthy “how-to” guide.

“Electric utilities need the ability to provide the right person with the right degree of access to the right resources at the right time, and quickly,” the summary reads.

The NCCEE says the guide does not mean it is endorsing any or all of the commercially available products. It also asked those engineers and other implementers to participate in a forum and contribute feedback to the findings.

For more information on the report, go to and see the new energy practice guide.

Did You Like this Article? Get All the Energy Industry News Delivered to Your Inbox

Subscribe to an email newsletter today at no cost and receive the latest news and information.

 Subscribe Now


The Time is Right for Optimum Reliability: Capital-Intensive Industries and Asset Performance Management

Imagine a plant that is no longer at risk of a random shutdown. Imagine not worrying about losing...

Going Digital: The New Normal in Oil & Gas

In this whitepaper you will learn how Keystone Engineering, ONGC, and Saipem are using software t...

Maximizing Operational Excellence

In a recent survey conducted by PennEnergy Research, 70% of surveyed energy industry professional...

Leveraging the Power of Information in the Energy Industry

Information Governance is about more than compliance. It’s about using your information to drive ...

Latest PennEnergy Jobs

PennEnergy Oil & Gas Jobs