Issue link: https://securitytechnologyexecutive.epubxp.com/i/917121
www. SecurityInfoWatch.com • November/December 2017 • SECURIT Y TECHNOLOGY E XECUTIVE 33 J ust before 1 a .m . on April 16, 2013, snipers opened fire on an electrical substation in Metcalf, California . The attack lasted 19 minutes and knocked out 17 huge trans- formers responsible for fun- neling power to Silicon Valley. To avoid a blackout, electric grid officials had to reroute power around the site and ask power plants in the area to produce more electricity to accommodate the loss. Bringing the substation back to work- ing order took utility workers 27 days. The Metcalf incident was a massive wake-up call for the industry, exposing serious vulnerabilities to the power grid and critical infrastructure in North Amer- ica. While many utility organizations have security measures in place should anyone penetrate the perimeter, threats from outside the perimeter hadn't been a major area of focus. A report from the National Academies of Sciences, Engineering , and Medicine concluded that the U.S. electric grid is vulnerable to a range of threats, includ- ing terrorism or natural disasters. Many of our power grid's systems sit out in the open and exposed. They 're usually in remote locations, secured by little more than cameras and chain-link fences. Transmission substations, like the one in Metcalf, are critical links in the power grid. They make it possible for electric- ity to move long distances and serve as a hub for intersecting power lines. Attacks on these critical areas can cause serious problems for neighboring cities, towns and businesses. In addition to the headaches that attacks can cause for the utility company and energy consumers, transformers are extremely costly and difficult to replace. In response to the Metcalf incident, the Critical Infrastructure Protection (CIP) Standards were created for the North American power system. The CIP standards and requirements address the security of perimeters and the protec- tion of critical assets, including train- ing , security management and disaster recovery planning. All utilities that contribute power to critical sections of the national grid are required to provide a plan to secure their Tier 1 and Tier 2 assets. While the stan- dards do provide a level of detail as to what elements may be included to secure these vital assets, the guidelines are very broad in nature. As a result, major public utilities are addressing this challenge in a variety of ways. The greatest challenge is The CIP standards and requirements address the security of perimeters and the protection of critical assets, including training, security management and disaster recovery planning. Image Courtesy of BigStock.com to compose a design for physical security elements that meet or exceed the require- ment, in a manner that accords with cor- porate security processes, with a view to operational efficiencies. In some respects, this is the classic approach to balancing the amount of money invested, versus level of risk posed by the perceived threat to be miti- gated. Since substations vary in location from urban to suburban and even very remote rural locations, utility providers are relying on the latest technologies to meet geographical, topographical, com- munication and notification challenges. A tailored solution is needed to prop- erly address an organization's unique risk considerations that vary depending on the setting and identifiable vulnera- bilities. However, this is easier said than done and many organizations are finding themselves struggling to rapidly deploy and meet CIP deadlines. Utility companies can take a layered approach to securing their critical infra- structure by thinking beyond someone penetrating the perimeter, and identify- ing several different integrated technolo- gies that can work together to provide a comprehensive solution. Below are some solutions to consider for protection of critical infrastructure. INTRUSION PROTEC TION Intrusion protection is a serious com- ponent to work into a security plan. Advancements in fencing have made it possible to avoid situations like the one that happened in Metcalf. They have transitioned from your standard chain-link fence to metal panels, and now, fences for areas like power substa- tions typically consist of 12 feet high concrete barriers, similar to what you see on the highway. THERMAL C AMER A S Another technology to consider is ther- mal cameras, which outperform a typi- cal visual camera in dark scenes and are a great tool for detecting people and objects in 24/7 surveillance. These cameras are less sensitive to problems with light conditions, such as shadows,