Utility regulator sharpens focus on cybersecurity threats
Photo by AP Photo/J. Scott Applewhite
(Harrisburg) — Pennsylvania’s utility regulator has created a new office to deal specifically with cybersecurity threats.
The Public Utility Commission (PUC) already requires utility companies to have a cybersecurity plan in place.
Officials said the new Office of Cybersecurity Compliance and Oversight will be better equipped to make recommendations to strengthen those plans.
Spokesman Nils Hagen-Frederiksen says the potential fallout from a cyber attack is only growing as utilities become more interconnected.
“Natural gas and electricity and water and wastewater and telecommunications–they’re all so deeply integrated. And if the power goes down, all of those other services typically go down in a very short period of time,” he said. “An organized cyber attack can actually have the same kind of impact as a massive hurricane, without the physical destruction.”
That kind of widespread, long-lasting utility operations failure is known as a “black sky event.”
The PUC is concerned with two main threats: online customer accounts and utility operations, which range from how employees handle emails to the computerized mechanisms that get services to homes.
The new office’s director Michael Holko most recently was a program manager at the state’s Office of Administration, Office for Information Technology.
The agency said it was able to create the position without adding to its budget, by reallocating a vacant position.
Sometimes, your mornings are just too busy to catch the news beyond a headline or two. Don’t worry. The Morning Agenda has got your back. Each weekday morning, host Tim Lambert will keep you informed, amused, enlightened and up-to-date on what’s happening in central Pennsylvania and the rest of this great commonwealth.
