Andy Bochman
Expert Blogs
A blog where security experts share their knowledge and experiences.
Don’t Get Me Started: A Quantum of Security Solace
Posted 2 months ago by abochman | 1260 Views
Recent tech news trumpets the advancement of quantum cryptography (QC) to secure the Smart Grid. I watched the Academy Awards this year (not normal) and found a whole bunch of Bond (James Bond) running through it, including performances of Goldfinger...
Electric Sector Security Observations from Distributech 2013, and a Word about Trees
Posted 3 months ago by abochman | 848 Views
The show is over for me as I'm up in LA for some IBM training, but it was a very good 2 days. Here's a few of the highlights I took away: Patricia Hoffman, DOE's Assistant Secretary for the Office of Electricity Delivery and Energy Reliability...
Conference Alert: Security at Distributech 2013
Posted 3 months ago by abochman | 788 Views
The annual electric sector conference in North America is coming up next week in San Diego. Called Distributech, the 7,500 or so attendees will peruse booths featuring the latest reclosers, transformers, comm gear, outage management systems, etc.
DoD Software Assurance for Electric Sector Security?
Posted 4 months ago by abochman | 915 Views
The US Department of Defense has been thinking about this for a long time, and recently codified a pretty robust response in the form of the National Defense Authorization Act (NDAA) of 2013.
Security Double Dutch: Shodan Points out Critical Infrastructure Gaps in the Netherlands
Posted 4 months ago by abochman | 761 Views
I've been to the Netherlands several times and saw the country in the news a lot recently when UberStorm Sandy raised concerns that New York City should perhaps get similar types of protective systems. I can assure you that this is about much more...
Smart Grid Security 2012 Highlights and 2013 Look Forward
Posted 4 months ago by abochman | 1591 Views
As a chronic complainer re: the lack of grid security metrics (see post from nearly 2 years ago: "Smart Grid Security Truth: You Can't Do What You Don't Measure"), this has been the most amazing and surprising year for me. By far...
Thoughts on the Explosive MI6 OT Breach in Skyfall
Posted 5 months ago by abochman | 1465 Views
Have you seen the new 007 movie yet, the third of the series that features Daniel Craig as Bond? Called Skyfall, one of its key plot drivers occurs when the evil mastermind blows up part of British spy headquarters, MI6, in London, with a handful of deft...
Electric Utility Data Governance: A Prerequisite to Data Security, Privacy and the Promise of Big Data
Posted 6 months ago by abochman | 1068 Views
Suppose you are the CEO of a large electric utility and you just learned that you’ve had a large data breach. Your guys are telling you it’s possible that several million detailed customer records have been exposed. The privacy ramifications...
Energy Sector Security in the Age of Big Data, Mobile and Cloud
Posted 6 months ago by abochman | 1124 Views
As folks who work in or otherwise know the industry will tell you, utilities are by nature very conservative. Their highest values are reliability and safety, but as most utilities transition from monopolistic to competitive business environments,...
From Famine to Feast to Overload: New Electric Sector Security Metrics and Measurement Guidelines Super Helpful (but can be Overwhelming)
Posted 7 months ago by abochman | 942 Views
In the space of just a few months, electric utility executives and their security leadership have seen a spate of new guidance documents published that intend to help them manage, monitor, and measure the effectiveness of their cyber risk mitigation strategies...
Thinking about Mobile Device Security for a Very Mobile Electric Sector Workforce
Posted 8 months ago by AndyB | 1227 Views
One thing you can say about working for an electric utility: for most employees, it's not a desk job. More than their peers in many other sectors of the economy, electric utilities have used and managed mobile devices as essential tools for a long...
People are Talking: Social Media, Electric Companies, Customers and the Quest to Maintain Privacy
Posted 8 months ago by AndyB | 1333 Views
For the longest time electric utilities had little reason to focus on customer communications, and their residential customers, similarly, often didn’t have much to say to them. So much so that when pressed, many customers couldn’t even...
In Energy and Every Business Sector, Connected Devices Bring Great Gains, but Up the Security Ante
Posted 8 months ago by abochman | 498 Views
In many industries, increasingly network-connected products are enabling previously unimaginable new capabilities and, at the same time, creating new privacy and security challenges.
Walking while Chewing Gum: Building the Smart Grid with Secure Software
Posted 8 months ago by AndyB | 1140 Views
With the naked eye one can see signs of change in our electric infrastructure: smart meters installed by the millions and solar panels going up in similar numbers. Further away and sixty times per second, synchrophasors are monitoring the quality of high...
A Call to Elevate Electric Sector Cyber Security Leadership
Posted 9 months ago by AndyB | 890 Views
Around the world, it’s hard to miss the constant media and analyst drumbeat of warnings about new threats to critical energy infrastructures. Yet recent reports by Carnegie Mellon University and IBM reveal that most utility executives are more focused...
The State of the States and Smart Grid Security
Posted 9 months ago by AndyB | 1104 Views
Readers, working your way through this comprehensive yet non-alarmist EPIC PIECE of Smart Grid security journalism will take some time, because author and former NH PUC commissioner Nancy Brockway has done her homework and then some.
Security Checklists, Compliance Cultures, and Finding a Better Way
Posted 10 months ago by AndyB | 859 Views
Fixating on responding to a compliance regime is, in a sense, like agreeing to not learn. You know how when you're in the passenger seat and even if you go to the same destination a hundred times, if you weren't driving you don't remember how...
Cybersecurity-wise, NARUC wants Me to Invest More in What, Exactly?
Posted 10 months ago by AndyB | 850 Views
That's what I'd be asking if I were the CEO or CFO of a utility and I'd just read this short article introducing the new National Association of Regulatory Utility Commissioners (NARUC) Cybersecurity for State Regulators guide. Before I begin...
Talking Back to the CMU/Cylab Report's Energy Sector Findings
Posted 11 months ago by AndyB | 856 Views
The report in question is the CyLab 2012 Report - Governance of Enterprise Security: How Boards & Senior Executives Are Managing Cyber Risks. Posted on this report recently, HERE, which includes links to it. Have gotten some less-than-happy feedback...
Shodan Again: the Search Engine You Need to Know About
Posted 11 months ago by AndyB | 821 Views
http://www.shodanhq.com/ First mentioned on the SGSB HERE late last year re: a water pump hacking story, Shodan has an interesting origin story and its current use is even more interesting. You know how you use Google or Bing to find links, apps, music...
More Datapoints on the Current State of Electric Sector Cybersecurity Governance
Posted 11 months ago by AndyB | 693 Views
In March we covered the preliminary CyLab report on the state of cross-sector security governance and one of the things it taught me was that electric sector cybersecurity professionals are not alone in their quest to improve/increase the level of interaction...
Security FUD Alert: Flame On. Flame Off. Flame Out.
Posted 11 months ago by AndyB | 808 Views
Here we go again, and this one is not (energy) sector specific. It's more geo-specific ... see: Middle East and North Africa, at least for now. This is a clear-cut case of marketing security through fear, uncertainty and doubt (FUD), and using the...
Workshop Alert: ENISA Flexing Grid Security Muscles in Brussels
Posted 11 months ago by AndyB | 709 Views
This announcement, from the European Network and Information Security Agency (ENISA) hit my inbox earlier today and you might like to see it, especially if you are based in Europe (or would like a reason to visit). I reduced it down for your more rapid...
SGCC Releases Smart Grid Privacy Fact Sheet
Posted 11 months ago by AndyB | 990 Views
In January of this year we gave you a privacy post related to the Smart Grid Consumer Collaborative (SGCC) from a panel session it organized the day before the Distributech conference in San Antonio. Time has passed and now the same great org has produced...
WSJ on Speaking Cybersecurity Truth to Power
Posted 11 months ago by AndyB | 810 Views
This is a short post with a security message that appeared in a prominent place, a message worth repeating. In the Wall Street Journal's relatively new CIO Journal, editor Michael Hickins highlighted recent statements from a local Boston-area healthcare...