Trump seeks game plan for grid threats

Source: Blake Sobczak, E&E News reporter • Posted: Thursday, June 22, 2017

President Trump sat down with energy-sector representatives and cybersecurity experts at the White House today to discuss evolving threats to the power grid.

The unidentified “energy sector leaders” brought up potential strategies “to address the evolution of malicious cyber activity” in the energy sphere, said a readout of the gathering.

The White House added that Trump “stated his continued commitment to enhancing electric grid security and resilience,” pointing to his May 11 executive order on the subject.

Today’s meeting included retired Gen. Keith Alexander, a former National Security Agency director and founder of IronNet Cybersecurity, and Tom Bossert, assistant to the president for homeland security and counterterrorism.

Former New York Mayor and longtime Trump adviser Rudy Giuliani was also present, according to the readout. Earlier this year, Trump tasked Giuliani with finding new public-private approaches to the cybersecurity problems plaguing the nation, though Giuliani has kept a low profile since then (Energywire, Jan. 13).

“We must work with private sector — the private sector is way ahead of government in this case — to ensure that owners and operators of critical infrastructure have the support they need from the federal government to defend against cyberthreats,” Trump said at a Jan. 31 White House meeting with cybersecurity advisers and experts.

So far, the president has doubled down on his predecessor’s approach to cybersecurity by playing up the need for government and industry cooperation, especially in the energy sector, where the majority of infrastructure is owned and operated by private utilities.

Today, the White House said Trump “underscored the importance of a continuing public and private partnership to effectively combat threats against the energy sector, particularly the power grid,” after thanking participants for their efforts.

While a White House spokesman did not respond to request for more details on the meeting, it’s likely officials addressed recent high-profile cyberthreats such as WannaCry and CrashOverride.

Cybersecurity researchers first uncovered the CrashOverride threat early last week, and its ability to target power grids worldwide triggered a series of alerts from both the Department of Homeland Security and the North American Electric Reliability Corp. (Energywire, June 13). Nobody from NERC was at the meeting, said a spokeswoman.

It’s not yet clear how these changing threats to U.S. infrastructure will shape Trump’s cybersecurity policies. Last month’s executive order called for state and federal authorities to review “the potential scope and duration of a prolonged power outage associated with a significant cyber incident” and single out any gaps in U.S. readiness. Their report is due in August and could offer ideas for charting a new approach.

The order also sought input on how the government can offer “support to critical infrastructure at greatest risk,” a category that includes major electricity generation and transmission companies.