Vol. 52, No. 4

In this edition

With polls showing that over 80% of the American people view cyberterrorism as one of the top threats facing the United States, the latest Ripon Forum examines what is being done to prevent a “Cyber 9/11.”

In Memorian: “An Enduring Peace”

In tribute to the life and accomplishments of the late John McCain, we republish his 2008 interview with the Forum that not only remains remarkably relevant today, but reminds us why he will be missed.


America has played defense long enough when it comes to cybersecurity. In the face of an increasing multitude of threats, it is time to go on offense.

Elevating Cyber Command:

The elevation of CYBERCOM earlier this year is a move whose time has definitely come. In fact, the only possible criticism could be: “What took you so long?”

The Magnitude of the Cyber Threat Facing America

With an estimated 40 billion new devices expected to be interconnected by 2020, the American people — and the U.S. economy — are more vulnerable than ever before to a cyber attack.

Defending the Grid

With cyber threats continuing to grow and evolve, the public & private sector are working together to protect America’s supply of electric power.

Closing the Federal Cyber Workforce Gap

A recent OMB report highlighted the fact that Three quarters of federal agencies lack the capability “to effectively detect data exfiltration attempts and respond to cybersecurity incidents.”

Paper Ballots & Election Security:

Eliminating the human element from filling out paper ballots is as essential to election security as ensuring election machines produce a voter verifiable paper ballot.

Safeguarding the Mid-Terms

There’s a mixed bag of actions being taken by election officials in states across the country in order to mitigate the infiltration of election systems during the 2018 mid-terms.

Troubling Trends in the Federal Budget

Elected leaders profess to be concerned about the nation’s long-term economic growth. You’d never know it, however, by looking at the federal budget.

A Failure on 9/11, and a Lesson Finally Learned

Prior to 2001, the ability to communicate over commercial wireless carriers would routinely be unavailable during major incidents — times when first responders need it the most.

Ripon Profile of Jackie Walorski

The Indiana Congresswoman discusses, among other topics, the importance of farmers and manufacturers in her District, and how tariffs will impact their work.

Defending the Grid

How the public & private sector are working together to protect America’s supply of electric power

Every second of every day, America’s electric companies are delivering energy to their customers that is reliable, affordable, safe, and increasingly clean. This energy drives our economy and enables our way of life, and providing reliable service is a responsibility electric companies take very seriously. This includes protecting the energy grid from cyber-attacks, which are increasing in frequency and sophistication. As these threats evolve, so, too, do our security strategies, which are closely coordinated with the federal government through a partnership called the Electricity Subsector Coordinating Council (ESCC).

The CEO-led ESCC serves as the principal liaison between the federal government and the electric power industry on grid security and resilience issues, coordinating with senior officials from across the federal government, including the White House, the Department of Energy (DOE), Department of Homeland Security, the Office of the Director of National Intelligence, and Defense, the Federal Energy Regulatory Commission, and the FBI. Together, they improve security through a host of initiatives that enhance how industry and government prepare for, and respond to, threats to critical infrastructure.

As cyber threats evolve, so, too, do our security strategies, which are closely coordinated with the federal government.

This partnership extends well beyond just cybersecurity. Edison Electric Institute’s (EEI’s) member companies and our government partners prepare to respond to all hazards, whether they be physical or cyber or naturally occurring or manmade. Since it would be impossible for companies to protect every asset from every threat all the time, we prioritize based on the likelihood and severity of a threat. We also focus on managing consequences by preparing to restore power quickly and safely regardless of why an outage occurred. As an industry, we know that the public depends on us to restore power as safely and quickly as possible when an incident occurs, and industry-government exercises regularly test our capabilities and response plans before they ever need to be put into action.

In addition to the ESCC’s activities, EEI members coordinate closely with the public-sector offices dedicated to protecting critical infrastructure. Just like the private sector, our government partners are evolving in response to the dynamic threat environment we face today. In February, Secretary of Energy Rick Perry announced the creation of the new Office of Cybersecurity, Energy Security, and Emergency Response (CESER), to help the electric power industry better protect itself from future cyber-attacks and ensure a reliable supply of electricity for customers. The Department of Energy has been an important partner in helping industry prepare for and respond to incidents. EEI looks forward to continuing this partnership with DOE and working closely with Assistant Secretary Karen Evans and the new CESER office to continue this important mission.

The value of industry-government coordination cannot be overstated. Coordinating directly with the government allows EEI members to take a more comprehensive approach to identifying, assessing, and mitigating threats and suspicious activity. The government regularly provides classified briefings to system operators regarding the latest threats to the electric power industry. When companies receive actionable intelligence, they are able to take action to prevent or to mitigate future attacks.

The Cybersecurity Risk Information Sharing Program (CRISP) is a great example of a valuable technology that has resulted from this partnership, combining intelligence and analysis from the electric power industry, DOE, Pacific Northwest and Argonne National Laboratories, and the Electricity Information Sharing and Analysis Center (E-ISAC). More than 75% of U.S. electric customers are served by a company that has deployed CRISP, and this program will continue to grow as the information gleaned from its sensors and the associated analyses have proven extremely valuable to identifying and addressing security risks.

In February, Secretary Rick Perry announced the creation of the new Office of Cybersecurity, Energy Security, and Emergency Response to help the electric power industry better protect itself from future cyber-attacks.

The electric power industry invests more than $100 billion each year to make the energy grid stronger, smarter, cleaner, more dynamic, and more secure. These investments in smarter energy infrastructure help companies to better monitor their systems, and they provide the flexibility and resiliency needed to manage incidents in real time. The industry also focuses on workforce development to ensure that we have employees with the skills needed to respond to incidents.

Our industry’s new cyber mutual assistance (CMA) program is a great example of how the ESCC can drive initiatives that make the whole industry more secure. Building on our industry’s culture of mutual assistance, we established an industry-wide program that will help companies restore critical computer systems following significant cyber incidents. The program now offers resources from more than 145 electric and natural gas companies representing investor-owned electric companies, public power utilities, electric cooperatives, natural gas companies, regional transmission organizations and independent system operators, and Canadian electric companies. This network covers approximately 80% of U.S. electricity customers and roughly 75% of U.S. domestic natural gas customers.

In today’s dynamic threat environment, programs like CRISP and CMA are critical tools for the electric power industry to ensure our ability to provide reliable energy to customers. The energy grid is the backbone of the U.S. economy, and securing it is critical to the life, health and safety of all Americans. In the face of evolving threats, the industry will continue to invest in security, improve information sharing, further develop mutual assistance networks, and strengthen government and cross-sector partnerships.

Tom Kuhn is president of the Edison Electric Institute.