I’ve always been a good sleeper. I hear others complain about sleeplessness and waking up still tired and luckily, I’ve managed to avoid that for most of my life. As the CEO of your cooperative, there is one thing that sometimes keeps me up at night – cybersecurity and threats to the electric grid.
I didn’t choose this topic to scare you, but rather to level with you about what this risk involves and how we are managing it on your behalf. We can’t manage this risk by burying our heads in the sand.
Our cyber threats come from various directions. On average, the cooperative’s cyber protections stop as many as 6 million attempts to test or breach our defenses every month.
The biggest cyber threats generally come from nation-state bad actors with a goal of upsetting national security through power disruption. The second biggest cyber threats tend to come from profit-motivated hackers who are hoping to lock up our systems and your data in order to force us to pay them to get it restored.
Our proactive approach to managing these threats is multifaceted. First, and foremost, our employees undergo extensive training and testing on how to defend against social engineering. Most cyber-attacks happen when an employee opens a bad attachment, clicks on a bad link or does something else that allows cyber criminals entrance into our systems. That means our employees are our first line of defense.
In addition to training, we have rigid firewalls and complex multi-factor authentication requirements to access our system. We decrease our employees’ risk of getting bad links with strict filters on incoming emails.
We are also continuing to build isolation between our systems while recognizing that our cyber threats can quickly spread to our grid operations capabilities. These isolations mean that systems that operate the grid can’t and don’t communicate with the other systems.
Recognizing this important connection between our grid and our computer systems, this year we also restructured the organization. Now, information technology and operational technology are all housed in one department and we have a dedicated cybersecurity administrator. This allows us to always have a focus on managing cyber threats to grid security.
While prevention is our ultimate goal, we know that a cyber criminal could still get through our defenses. As our cybersecurity administrator likes to say, “we have to be diligent 100% of the time but they only have to be lucky once.” Rest assured that we have a carefully developed and regularly tested cyber incident response plan to help us manage any breach that may occur.
Last year we applied for and have received a federal grant that can be used to help strengthen our cybersecurity readiness. We will use these grant dollars for external technical assistance in assessing our cybersecurity assets, how they work together, and identifying any potential gaps in our defenses. Think of it like a cybersecurity audit. We’ll use the insights we gain to harden our system against cyber criminals.
Our work in mitigating cyber threats will never be done. But, we have the right team and the right resources in place to manage those risks on your behalf. I hope that helps you sleep a little easier, I know it does me.
Video Update April 2024
Shining A Light On Cybersecurity
I appreciate the information, but with TCAPS currently closed for what can only be assumed is some kind of a cyber attack, your headline and timing feels snarky, like you’re kicking a fellow TC institution while they are literally down. It’s not a good look and therefore gives me a completely different view of your organization than I think you intended. Just a note for your marketing people.
Hi Maia – I understand why you interpreted the timing this way, but it’s just not the case. We plan for the magazine and manager’s column months in advance. This column was written in January, submitted in February and went to print by mid-March. The headline is a reference to the content of the column where I talk about cybersecurity being an issue that could keep me up at night. The entire point of the column was to share with our members what we are doing to protect their cooperative against a cyber attack and to prepare to recover from one should it happen. I hope that viewing it through that lens helps.
Regarding TCAPS, I have been very impressed with their handling of the cyber situation they are faced with. They acted swiftly and by all accounts have prevented what could have been much worse. I applaud them for having a good protocols in place and enacting them to the benefit of the community they serve.
Thank you for this! I appreciate the follow-up.
I appreciate your diligence in protecting our electrical service. With the recent TCAPS situation, it’s reassuring to know how hard Cherryland is working to prevent a similar incident. This is the world we live in today, and apparently the hacker “got lucky” with TCAPS. That doesn’t say anything about their efforts to prevent an attack, however knowledge is power and we all need to be aware of what can happen.
Every organization is at risk of attack by cyber criminals. As keepers of critical infrastructure, we are a target for cyber attack and must be vigilant at all times. Thanks for the comment.
Appreciate these reminders. Especially timely with the new ongoing cyber incident at Traverse City Area Public Schools (TCAPS).
I don’t see it as ‘kicking someone when they’re down’. More like many folks in the service area are thinking of this right now and it’s a good reminder that we have critical infrastructure even in Northern MI and in the connected age, these threats impact us all.
You nailed it, Fred! Critical infrastructure is a major target of cyber criminals and we have to do everything we can to prevent and be prepared to respond to a cyber incident. I hope after reading this column (which was written months ago and well in advance of the TCAPS news) all of our members have confidence the co-op is managing this risk diligently on behalf of our members.
Everyone needs to be aware of cyber attacks, all day, everyday. We have created this digital world as so now we have to deal with it. Facts don’t care about your feelings. TCAPS getting burned by this is the perfect reason to raise more awareness.
Thank you for the great reads.
You are absolutely correct that this is just part of our lives now. All businesses face constant probing attacks that require us to constantly update our protections and always be ready to move swiftly should a cyber breach occur. To TCAPS credit, it sounds like they did move quickly and were able to prevent this from being much worse. Kudos to them for doing so. And, a good reminder to all of us to remain vigilant. I am very proud of the work we’ve done at Cherryland to prepare for and prevent a cyber attack but that work will never be “done.” Thanks for the comment.