GlobalSign report clarifies FERC investigation

Tools

A new report from GlobalSign, a provider of SSL Digital Certificates worldwide, explains the "why" behind a Federal Energy Regulatory Commission investigation into North American Energy Standards Board (NAESB) Public Key Infrastructure (PKI) cyber security standards, which are designed to reduce risk within the Wholesale Energy Quadrant.

FERC began an investigation in July into allegations that Certificate Authorities (CA) were placing the electric sector in jeopardy by providing the wholesale energy industry with SSL Digital Certificates that did not comply with NAESB PKI standards.

In August, FERC concluded that no CAs had issued any digital certificates that violated standards or regulations. Further, FERC said assertions that the sector was in jeopardy due to alleged violations were unfounded.

"There is significant misunderstanding when it comes to the electric grid's strengths and vulnerabilities and how it is protected against cyberthreats -- misunderstanding that causes fear, uncertainty and doubt, as well as misallocation of scarce security resources," said Lila Kee, chief product and marketing officer at GlobalSign and board member of the NAESB Wholesale Electric Quadrant end-users segment.

"FERC did an excellent job of debunking the false allegations and revealing the truth. We are making our analysis freely available to any organization or individual who needs to understand the differences between commercial power systems and bulk-power systems, and related security risks," she said.

For more:
- see the FERC report
- see the GlobalSign report

Related Articles: 
Infographic: Corporate infrastructures still at risk
Obama eyes cybersecurity order
Government also faces cyber security challenges