Crossroads Blog | CYBER SECURITY LAW AND POLICY

critical infrastructure, Cybersecurity

Two Steps Forward – One Step Back –> The [re]introduction of retro devices to improve grid security

Retro Analog Tech a Danger to U.S. Power Grid (TheHill): According to a recent article by Cris Thomas, writing for TheHill, some recently introduced legislation in the Senate calls for a return to analog devices in order to improve the security of our grid infrastructure.  The article indicates that the goal of the legislation is to replace automated controls with older analog controls which are not susceptible to cyberattacks.  It is anticipated that in order to effectuate this a pilot program would be undertaken that would cost $10M and would take two years to identify analog devices that could be installed to isolate portions of the grid and prevent a crippling cyberattack, according to the article.  The article points out some of the shortcomings of this approach including the fact that merely being afraid of the future is a poor reason to retreat into the past.  Thomas asserts that it would be wiser to invest this $10M and two years into increasing cybersecurity rather than finding ways to return to an inefficient and error-prone analog world.


Opinion

In some ways, this is positive in that we at least have legislators beginning to contemplate the potential ramifications to our power grid from a cyberattack.   However, the idea that we should transform our critical infrastructure to a point in time twenty years earlier in order to sidestep the cybersecurity issues is alarming in many respects.  This would be analogous to saying that e-mail is widely used for the propagation of malware and phishing scams and thus the best way to combat this is to return to standard postal mail for all communications or under exigent circumstances they might allow the use of the facsimile machine.  While in the short-term this might reduce e-mail based attacks and exploits attempting to stem the tide of technological progress seems an impossible task.  I for one would prefer that we take steps to understand the vulnerabilities of our critical infrastructure and that we make the necessary investment to address the most probable vulnerabilities and move from reactive to proactive and leverage technology instead of attempting to revert to a pre-technological era.

Leave a Reply

critical infrastructure, Cybersecurity

Two Steps Forward – One Step Back –> The [re]introduction of retro devices to improve grid security

Retro Analog Tech a Danger to U.S. Power Grid (TheHill): According to a recent article by Cris Thomas, writing for TheHill, some recently introduced legislation in the Senate calls for a return to analog devices in order to improve the security of our grid infrastructure.  The article indicates that the goal of the legislation is to replace automated controls with older analog controls which are not susceptible to cyberattacks.  It is anticipated that in order to effectuate this a pilot program would be undertaken that would cost $10M and would take two years to identify analog devices that could be installed to isolate portions of the grid and prevent a crippling cyberattack, according to the article.  The article points out some of the shortcomings of this approach including the fact that merely being afraid of the future is a poor reason to retreat into the past.  Thomas asserts that it would be wiser to invest this $10M and two years into increasing cybersecurity rather than finding ways to return to an inefficient and error-prone analog world.


Opinion

In some ways, this is positive in that we at least have legislators beginning to contemplate the potential ramifications to our power grid from a cyberattack.   However, the idea that we should transform our critical infrastructure to a point in time twenty years earlier in order to sidestep the cybersecurity issues is alarming in many respects.  This would be analogous to saying that e-mail is widely used for the propagation of malware and phishing scams and thus the best way to combat this is to return to standard postal mail for all communications or under exigent circumstances they might allow the use of the facsimile machine.  While in the short-term this might reduce e-mail based attacks and exploits attempting to stem the tide of technological progress seems an impossible task.  I for one would prefer that we take steps to understand the vulnerabilities of our critical infrastructure and that we make the necessary investment to address the most probable vulnerabilities and move from reactive to proactive and leverage technology instead of attempting to revert to a pre-technological era.

Leave a Reply