Cyber Beat Live, part 3: What if hackers took over our power grid?
What are we doing to prevent or minimize an attack on our power grid? Experts talked about the topic, “What if hackers took over our power grid?” Here are some of the key questions discussed:
- The US’s critical infrastructure experienced a 20 percent increase in cyber incidents in fiscal 2015. Is the probability of a power grid cyber attack high or low? Why?
- How long would a successful attack have to last to really wreak havoc? Are cyber attackers equipped well enough to perpetrate a sustained attack? What are some emerging threats that we need to be concerned with?
- Broadcast journalist Ted Koppel indicated that the one agency that would be ready to counter a cyber attack of this magnitude is the Department of Homeland Security, but he also said it isn’t ready? What are your thoughts? Is this agency ready?
- A 2015 Lloyd’s of London and University of Cambridge report estimated a hypothetical worst-case scenario of $243 billion to $1.024 trillion in direct and indirect losses from a cyber attack on the US power grid. Is the US government adequately prepared for a worst-case attack scenario, and what would the plan look like? Can we survive such an attack?
- Should operators focus on detection and rapid response rather than on preventing a cyber attack on the power grid? Why?
- What role should governments play in helping operators fortify systems and prepare for an attack on critical infrastructure?
Bob Stasio is a senior product manager of cyber analysis with IBM i2 Safer Planet. He brings nearly 14 years of expertise fighting top-tier malicious actors in the intelligence community, the US military, the National Security Agency (NSA) and the commercial sector. Stasio also served on the initial staff of US Cyber Command. During the troop surge of 2007, his intelligence unit supported the detainment of more than 450 high-value targets.
Mobolaji "Manny" Moyosore, head of security design, threat and vulnerability management, Tesoro Companies. An information security professional with 14 years of IT experience and over a decade of information security experience that cuts across multiple continents and industry verticals. Moyosore provides thought leadership, strategic direction, subject-matter expertise and innovative ideas on most effective ways of supporting and defending organizational crown jewels against unauthorized access, disclosure, destruction and alteration. His experience and skills span the full breadth of the information security domain, primarily focusing on information risk management, threat modeling, security architecture, vulnerability management, security policies and standards, and controls gap analysis.
Michael Riley, reporter at Bloomberg News covers cyber security for Bloomberg News, Bloomberg Television and Bloomberg Businessweek magazine. Among his groundbreaking work, Riley wrote the first profile of PLA Hacking Unit 61398 seven months before Mandiant's APT1 report; he broke the story of the massive JPMorgan Chase breach in the summer of 2014; and he co-authored the first account of the destruction of Sands Corp computers by Iranian hackers, a report later confirmed by Director of National Intelligence James Clapper in congressional testimony. Riley was named 2014 Business Journalist of the Year by Talking Biz News. He has won national journalism awards from many distinguished organizations, including the Overseas Press Club, the American Bar Association, Columbia University, and the Society of American Business Editors and Writers. Riley is the author of a 2012 investigative series on cyber-espionage, including a profile of the Shanghai-based Comment Group. Before coming to Bloomberg in 2010, he was a national reporter for the Denver Post for eight years, winning many journalism awards including the American Bar Association's Silver Gavel award, Columbia University's Paul Tobenkin Award and the Society of American Business Editors and Writers 'Best in Business' award.