I am sure that many of you have heard the term “cyber security” over the past several years. In addition, “physical security” is also a term that is getting more and more use in the electric utility industry.
Both of these terms affect the district in very distinct ways, and I want to take some time to explain some of the issues associated with each of these.
Cyber security refers to protecting the devices/systems that are controlled by computers district employees use in their daily activity.
These include: (1) the personal computers on which employees perform their daily tasks; (2) the district system server, which protects the files stored by users of the district’s computer system; (3) the district’s supervisory control and data acquisition system, which allows the district to monitor equipment in the field, such as distribution lines and substations; and (4) the control systems, which allow the district to operate the hydroelectric facilities.
Each of these systems, as well as other systems used by the district, is subjected to potential compromise from individuals and machines outside the control of district personnel.
Through the use of software, user protocol and other methods, the district’s information technology team protects these assets from outside attacks. It is amazing at how often and how many attacks have occurred, but the district’s systems have remained safe. This is not an easy task, as those trying to attack our systems and get data become more sophisticated each day.
In addition to the district’s information technology team, district personnel also work with others whom we interact with — including our partners at NPPD — to protect our assets from cyber attacks.
As you can tell from the description above, cyber security is really a behind-the-scenes effort that is rarely seen by the public and is hard to put a finger on. However, trust me, it is ongoing and getting more complex each day.
Physical security is more easily detectable. This includes fencing around our equipment and facilities, such as our service center and substations as well as at the powerhouses in Columbus and Monroe. It also includes cameras that watch these areas for those wanting to damage district equipment.
Additionally, the district places signs around all of our facilities warning potential trespassers that they would be subject to penalty if they trespass on property not open to the public.
The district has many places, including our parks and lakes, that are open to the public. However, we must fence off those properties that help us control the electric grid, such as substations with large transformers located within the premises.
Both cyber security and physical security of the district’s assets are getting more and more scrutiny by the federal government. This, in turn, causes the district to spend more and more money associated with protecting our assets.
As mentioned previously, we work closely with NPPD on a number of these, which adds more costs to our operations. We try to be good stewards with the money we have. However, government regulation requires we meet minimum standards.
You will be seeing more and more of these cyber security and physical security efforts in the upcoming years from the district. We are working to make these as painless as possible for those who visit our facilities.
However, sometimes there is not much district employees can do. It is a function of our industry to have requirements for some of these activities.
District management and the board of directors try to make all of the district’s employees and customers feel safe and secure when you visit our facilities.
All of these efforts will help in the future, and hopefully everyone understands why we are making these changes.