Infrastructure Security Archives

Will Your Critical Substation Survive an Attack?

Written by Ross Johnson on November 6, 2024. Posted in Infrastructure Security.

Will your critical substation survive an attack? How would you know? We install security systems to protect our substations. Critical sites would likely include some kind of barrier, like a fence or a wall; a video surveillance system (VSS); an access control system, combining a locking mechanism with a card reader or PIN pad; lighting; a security monitoring center; and some kind of response force, such as a mobile patrol or police. How do you know that they will work? We commission systems after they are installed. We check that the fence was installed according to the contract. We examine...

Danger from Above: The Time is Now to Address Drone Risks

Written by William Edwards on October 31, 2024. Posted in Infrastructure Security.

It is not “if” but “when” for a major and nefarious event happens involving Small Unmanned Aircraft (sUAS) like drones. There is a distinct lack of urgency across all levels of government about security, safety and emergency preparedness given the rise of drones and their rapidly maturing capabilities and demonstrated use cases. The question is: are we paying attention? Look at the increasing news reports about how these platforms are disrupting security and safety almost daily. In 2023 alone, there was an uptick in these events. Look no further than the New Hampshire incident during which...

Mastering the three “Cs” of Security: Clarity, Communication and Consistency

Written by Jim Willis, CMAS, CHS-V on September 30, 2024. Posted in Infrastructure Security.

As the Assassination Attempt that happened on July 13th Demonstrated, a Failure of Clarity, Communication and/or Consistency Can Lead to Devastating Consequences. It’s Vital that Your Substation Security Strategy Offers Certainty in All Three Areas. Albert Einstein once said, “Any fool can know. The point is to understand.” I often refer to this quote in the training programs I conduct because I believe it holds true for utility security in general, especially when it comes to effective substation security. That’s why my previous articles have focused on the more abstract...

The AI Push to Smart and Speedy Security

Written by Jon Carstensen on August 28, 2024. Posted in Infrastructure Security.

Threats of theft, vandalism and terrorism are a continual concern for those responsible for the security of the nation’s utilities. Regulations are becoming increasingly stringent, making perimeter security vital to maintaining safety, safeguarding assets, and ensuring business continuity. If critical assets are damaged or disabled, it can have a negative impact on the communities and businesses in the service area and may pose health and safety risks. For regulated sites, perimeter security is critical to meeting strategic and compliance objectives. For example, guidelines for utilities...

Green Protection: Two Perspectives on How to Effectively Plan and Implement a Security Strategy for Renewable Energy Sources

Written by Curtis Marquardt on August 21, 2024. Posted in Infrastructure Security.

Whether it’s solar, geothermal, wind or hydro, utilities are implementing more renewable energy generation sources than ever before. But with their rapid march toward these green energy sources come some new and distinct security challenges. To learn about what risks to consider and strategies to implement, I had a conversation with Idaho National Laboratory’s Emma Mary Stewart, an expert in renewable energy and security, and Courtney Samp from Avangrid, a security strategy expert who helped coordinate a strategy for the third-largest renewables operator in the nation. Along the way, they...

Protecting Water Utilities from Drone Threats: Understanding the Steps of a Drone Security Methodology that Support the J100 framework

Written by William Edwards on July 30, 2024. Posted in Infrastructure Security.

The small uncrewed aerial system (sUAS) ecosystem can seem overwhelmingly complex, but it doesn’t have to be that way. The wars in the Middle East, Nagorno Karabakh, Ukraine, and now Gaza have proven that we need to pay attention to the threat that drone technology poses to our critical infrastructure. The use cases of this evolution are abound on social media and events in the United States continue to show that it’s not a matter of “if” but “when” an event occurs. Ukraine is the most prominent example of this evolution as we continue to see that drone technology is moving from...

Know Your Diamonds from Your Pencils: Talking All Things Physical Security with SERC’s Travis Moran

Written by Curtis Marquardt on June 29, 2024. Posted in Infrastructure Security.

Curtis Marquardt Jr.: Can you tell our readers more about your background and what you do for SERC Reliability Corporation.? Travis Moran: I began my career in law enforcement, first as an analyst with Interpol. After several years, I joined the U.S. State Department as a special agent, where I served for six-and-a-half years. I then spent 17 years at the Bureau of Alcohol, Tobacco, Firearms and Explosives dealing with violent crime, terrorism, bombs and murders. Following my retirement in 2013, I joined Dominion Energy’s corporate security department. This tenure coincided with the...

Critical Decision Making Progress - Substation Security

Substation Security Challenges: The Importance of the Critical Decision Making Process

Written by Jim Willis, CMAS, CHS-V on June 29, 2024. Posted in Infrastructure Security.

In my previous article, I discussed how dangerous unverified assumptions can be when it comes to substation security issues. Now, we will consider the impact of our decision-making process on substation security. Critical decision-making has nothing to do with “criticizing”. In critical decision-making, we’re using the third definition of “critical” in the Merriam-Webster Dictionary: “exercising or involving careful judgment or judicious evaluation”. At first glance, critical decision-making appears to be a complicated, overly sophisticated, technical process. In reality, it’s a learnable...

Forging a Secure Tomorrow: Duke Energy’s Path to a More Resilient Future

Written by Curtis Marquardt on June 29, 2024. Posted in Infrastructure Security.

There’s a great quote by Confucius that says: “Our greatest glory is not in never falling, but in rising every time we fall.” And it’s truly applicable for security professionals because no matter how much one plans, strategizes and fully commits to preventing an incident, along comes something that challenges those efforts in ways that can help an organization grow, evolve and achieve an even better security posture. On Dec. 3, 2022, Duke Energy experienced a “something” in the form of an unprecedented and sophisticated attack on a low-level substation that knocked out power to more than...

How ‘Global Weirding’ is Creating New Threats for Utility Security Professionals

Written by Curtis Marquardt on June 29, 2024. Posted in Infrastructure Security.

If you search for “Andrew Bochman” on Amazon’s website, the first listing to appear is a book he co-authored about countering cyber sabotage. If you search his name on YouTube, you’ll find videos of him presenting on topics including managing risk and operational technology cybersecurity. Bochman dedicated much of his career to helping with the security and resiliency of utilities. Interview with Andy Bochman But as the years passed, he watched—along with the rest of us—climate event after climate event continuously wreak havoc on utilities. In bearing witness to those events, Bochman saw a...

Partnering with Law Enforcement to Improve Bomb Threat Prevention and Response: A Conversation with the Office for Bomb Prevention’s Charles Leas

Written by Curtis Marquardt on May 30, 2024. Posted in Facilities Security, Infrastructure Security, Utility Guardian.

With attacks on utilities growing every year, it is more important that ever to have a sound bomb threat response program in place. A key element to that program is to work together with state and local law enforcement to establish lines of communication about potential threats as well as establishing an effective response plan. Utility Security magazine’s Editor-in-Chief, Curtis Marquardt Jr., had a chance to sit down with the Office of Bomb Prevention’s Operation’s Chief, Charles Leas, to talk about how utilities can create or improve their bomb threat program. Curtis Marquardt...

Threats on the Horizon: The Challenges of Securing the Nation’s Water Utilities and the Strategies to Overcome Them

Written by Curtis Marquardt on February 29, 2024. Posted in Infrastructure Security.

As I sat down to write this article, the town of Flint, Michigan, popped into my head. For anybody who works in the water sector, the mere mention of Flint is likely to spark mental images of a water crisis, national news coverage, footage of angry citizens, and a glimpse into what the fallout from a water crisis looks like. And while Flint’s 2014 water management fiasco was not borne from the impacts of a security breach, it certainly does forecast what could happen should a water utility suffer an attack that impairs its ability to deliver potable drinking water to its communities. To...

Are You Ready for a Drone Attack on Your Infrastructure?

Written by Curtis Marquardt on February 29, 2024. Posted in Infrastructure Security.

In July 2020, someone fitted a DJI drone with two long ropes; both ropes had a long copper wire tied to the end of it. That person then attempted to fly the drone into a substation in Pennsylvania. Through luck or perhaps operator error, the drone never reached the substation, instead crashing onto the roof of an adjacent building. But as the U.S. Department of Homeland Security reported, this effort was done with the intent to disrupt the grid. Since then, we’ve seen the use of drones in military conflicts overseas ramp up considerably, including an instance where Ukraine sent drones into...

LOOKING FOR SOMETHING?