Home
In this issue

Jonathan Tobin: Defending the Right to a Jewish State

Heather Hale: Compliment your kids without giving them big heads

Megan Shauri: 10 ways you are ruining your own happiness

Carolyn Bigda: 8 Best Dividend Stocks for 2015

Kiplinger's Personal Finance editors: 7 Things You Didn't Know About Paying Off Student Loans

Samantha Olson: The Crucial Mistake 55% Of Parents Are Making At Their Baby's Bedtime

Densie Well, Ph.D., R.D. Open your eyes to yellow vegetables

The Kosher Gourmet by Megan Gordon With its colorful cache of purples and oranges and reds, COLLARD GREEN SLAW is a marvelous mood booster --- not to mention just downright delish
April 18, 2014

Rabbi Yonason Goldson: Clarifying one of the greatest philosophical conundrums in theology

Caroline B. Glick: The disappearance of US will

Megan Wallgren: 10 things I've learned from my teenagers

Lizette Borreli: Green Tea Boosts Brain Power, May Help Treat Dementia

John Ericson: Trying hard to be 'positive' but never succeeding? Blame Your Brain

The Kosher Gourmet by Julie Rothman Almondy, flourless torta del re (Italian king's cake), has royal roots, is simple to make, . . . but devour it because it's simply delicious

April 14, 2014

Rabbi Dr Naftali Brawer: Passover frees us from the tyranny of time

Greg Crosby: Passing Over Religion

Eric Schulzke: First degree: How America really recovered from a murder epidemic

Georgia Lee: When love is not enough: Teaching your kids about the realities of adult relationships

Cameron Huddleston: Freebies for Your Lawn and Garden

Gordon Pape: How you can tell if your financial adviser is setting you up for potential ruin

Dana Dovey: Up to 500,000 people die each year from hepatitis C-related liver disease. New Treatment Has Over 90% Success Rate

Justin Caba: Eating Watermelon Can Help Control High Blood Pressure

The Kosher Gourmet by Joshua E. London and Lou Marmon Don't dare pass over these Pesach picks for Manischewitz!

April 11, 2014

Rabbi Hillel Goldberg: Silence is much more than golden

Caroline B. Glick: Forgetting freedom at Passover

Susan Swann: How to value a child for who he is, not just what he does

Cameron Huddleston: 7 Financial Tasks You Should Tackle Right Now

Sandra Block and Lisa Gerstner: How to Profit From Your Passion

Susan Scutti: A Simple Blood Test Might Soon Diagnose Cancer

Chris Weller: Have A Slow Metabolism? Let Science Speed It Up For You

The Kosher Gourmet by Diane Rossen Worthington Whitefish Terrine: A French take on gefilte fish

April 9, 2014

Jonathan Tobin: Why Did Kerry Lie About Israeli Blame?

Samuel G. Freedman: A resolution 70 years later for a father's unsettling legacy of ashes from Dachau

Jessica Ivins: A resolution 70 years later for a father's unsettling legacy of ashes from Dachau

Kim Giles: Asking for help is not weakness

Kathy Kristof and Barbara Hoch Marcus: 7 Great Growth Israeli Stocks

Matthew Mientka: How Beans, Peas, And Chickpeas Cleanse Bad Cholesterol and Lowers Risk of Heart Disease

Sabrina Bachai: 5 At-Home Treatments For Headaches

The Kosher Gourmet by Daniel Neman Have yourself a matzo ball: The secrets bubby never told you and recipes she could have never imagined

April 8, 2014

Lori Nawyn: At Your Wit's End and Back: Finding Peace

Susan B. Garland and Rachel L. Sheedy: Strategies Married Couples Can Use to Boost Benefits

David Muhlbaum: Smart Tax Deductions Non-Itemizers Can Claim

Jill Weisenberger, M.S., R.D.N., C.D.E : Before You Lose Your Mental Edge

Dana Dovey: Coffee Drinkers Rejoice! Your Cup Of Joe Can Prevent Death From Liver Disease

Chris Weller: Electric 'Thinking Cap' Puts Your Brain Power Into High Gear

The Kosher Gourmet by Marlene Parrish A gift of hazelnuts keeps giving --- for a variety of nutty recipes: Entree, side, soup, dessert

April 4, 2014

Rabbi David Gutterman: The Word for Nothing Means Everything

Charles Krauthammer: Kerry's folly, Chapter 3

Amy Peterson: A life of love: How to build lasting relationships with your children

John Ericson: Older Women: Save Your Heart, Prevent Stroke Don't Drink Diet

John Ericson: Why 50 million Americans will still have spring allergies after taking meds

Cameron Huddleston: Best and Worst Buys of April 2014

Stacy Rapacon: Great Mutual Funds for Young Investors

Sarah Boesveld: Teacher keeps promise to mail thousands of former students letters written by their past selves

The Kosher Gourmet by Sharon Thompson Anyone can make a salad, you say. But can they make a great salad? (SECRETS, TESTED TECHNIQUES + 4 RECIPES, INCLUDING DRESSINGS)

April 2, 2014

Paul Greenberg: Death and joy in the spring

Dan Barry: Should South Carolina Jews be forced to maintain this chimney built by Germans serving the Nazis?

Mayra Bitsko: Save me! An alien took over my child's personality

Frank Clayton: Get happy: 20 scientifically proven happiness activities

Susan Scutti: It's Genetic! Obesity and the 'Carb Breakdown' Gene

Lecia Bushak: Why Hand Sanitizer May Actually Harm Your Health

Stacy Rapacon: Great Funds You Can Own for $500 or Less

Cameron Huddleston: 7 Ways to Save on Home Decor

The Kosher Gourmet by Steve Petusevsky Exploring ingredients as edible-stuffed containers (TWO RECIPES + TIPS & TECHINQUES)

Jewish World Review

America's power grid too vulnerable to cyberattack, US report warns

By Mark Clayton




Forget about temporary summer outages, findings predict real-life doomsday scenario



http://www.JewishWorldReview.com | (TCSM) America's power grid remains vulnerable to cyberattack, a result of sluggish implementation of weak computer security standards and insufficient federal oversight, says a tough new report from the US Department of Energy Inspector General.

The North American Electric Reliability Corp. (NERC), the lead grid-reliability organization for the power industry, has had approved standards in place since January 2008. Power companies were to have fully implemented those "critical infrastructure protection" (CIP) cyberstandards a year ago, but the standards still aren't doing an effective job, the inspector general's audit found.

"Our testing revealed that such standards did not always include controls commonly recommended for protecting critical information systems," including tough password and log-in protections, the report said. The plodding implementation is "not adequate to ensure that systems-related risks to the Nation's power grid were mitigated or addressed in a timely manner."

Among its other findings are the following:


  • The new CIP standards set weaker requirements for password and log-in protections than is common for other types of critical infrastructure.

  • The Federal Energy Regulatory Commission (FERC), which approved the security standards that NERC developed, is partly to blame. The commission ultimately "did not have authority to implement its own reliability standards or mandatory alerts in response to emerging threats or vulnerabilities," the report said. In instances where FERC did have authority to strengthen CIP standards, "the commission had not always acted to ensure that cyber security standards were adequate."

  • The standards don't "clearly define what constituted a critical asset or critical cyber asset," the report found. Instead, utilities "were permitted to use their discretion when identifying critical assets and critical cyber assets…." As a result, "if an entity determined that no critical assets or critical cyber assets existed, it was exempt from the remaining original CIP standards," the report said.

How to define "critical infrastructure" is a big part of the problem. "Lack of stringent requirements for defining critical assets contributed to a significant underreporting of these assets," the IG found. Both the federal commission and NERC officials said power companies had probably undercounted their critical assets and associated critical cyberassets.



RECEIVE LIBERTY LOVING COLUMNISTS IN YOUR INBOX … FOR FREE!

Every weekday NewsAndOpinion.com publishes what many in the media and Washington consider "must-reading". HUNDREDS of columnists and cartoonists regularly appear. Sign up for the daily update. It's free. Just click here.


"Much of the problem stems from … lack of definition," says Michael Assante, former chief security officer for NERC. "The concepts of what need to be protected have not been firmly established."

Critical assets could include, for instance, control centers, transmission substations, and power generators. But on a compliance self-survey, only 29 percent of power generators and less than 63 percent of transmission owners identified one or more critical assets, NERC reported in April 2009.

The IG's office also found that NERC and eight other regional electricity reliability organizations appear to have ignored federal demands to toughen the original CIP standards. One FERC official noted that 95 percent of the changes the commission requested of NERC had not been addressed, the IG said.

The result is that federal regulators have made little progress toward accurately assessing what needs protecting on the grid. The IG's office recommends these fixes: that Congress give FERC greater authority to ensure grid cybersecurity; that tougher cybersecurity standards be adopted; that FERC intensify its oversight of NERC and other grid-reliability entities; that FERC adopt measurements to assess the performance of NERC and the other regional overseers.

"We found that these problems existed, in part, because [FERC] had only limited authority to ensure adequate cyber security over the bulk electric system," the IG report states.

In a response to the IG's report, FERC chairman Jon Wellinghoff agreed with most of its recommendations.

Mr. Assante, now president of the National Board of Information Security Examiners, a standards-setting body for cybersecurity experts, characterizes the CIP standards as only "a minimum set of sound security practices that reinforces the need for utilities to protect themselves and each other."

Given the advent of cyberweapons that can destroy computer-controlled critical infrastructure, such as the Stuxnet worm that was aimed at Iran's nuclear facilities, the IG's report correctly identifies the issues needed to improve grid security, say grid cybersecurity experts.

"The standards have not been implemented with a strong sense of risk in mind," Assante says. "The complexity of enacting a new regulatory regime has taken our collective eye off security and turned it toward administrative issues and compliance."

=<<

Every weekday JewishWorldReview.com publishes what many in Washington and in the media consider "must reading." Sign up for the daily JWR update. It's free. Just click here.

Comment by clicking here.

© 2011, The Christian Science Monitor