ERCOT Cybersecurity Monitor Shares Best Practices

Shutterstock

Sep 12, 2024 | Tom Kleckner

ERCOT’s Cybersecurity Monitor Program, a voluntary outreach effort to involve the state’s utilities in sharing best cyber-defense practices, offers a safe place for their cyber discussions.

Speaking to ERCOT stakeholders, Chuck Bondurant, the Texas Public Utility Commission’s director of critical infrastructure security and risk management (CISRM), urged his listeners to treat the ISO’s grid as a special jewel.

“You know, we brag that we’re our own grid,” he said Sept. 10 during a Talk with Texas RE webinar. “So, let’s protect it that way.”

As the commission’s security lead, Bondurant helped set up ERCOT’s Cybersecurity Monitor Program, a voluntary outreach effort to involve the state’s utilities in sharing best cyber-defense practices. The program, focused on physical security issues, kicked off what he said was a “massive” recruitment effort in 2020; it now numbers 65 participants.

The monitoring program was created by state legislation requiring the PUC and ERCOT to “foster a more collaborative, strategic approach identifying cybersecurity issues” and improve security measures in electric infrastructure. The cybersecurity monitor is responsible for managing the outreach, communicating emerging threats and best business practices, reviewing cybersecurity self-assessments, researching and developing best business practices for cybersecurity, and reporting “monitored utilities’” preparedness.

The program is free for utilities in the ERCOT region but costs $4,322 for those in the MISO South, SPP and WECC portions of Texas. It is managed by Paragon Systems, a Houston-based security guard service.

Quarterly meetings form the program’s backbone. Bondurant said the meetings are open to utilities that “may be on the fence” about joining the program to learn more about the program.

“This is what we originally envisioned. … This is a chance for utilities to have a safe space where they could dialogue,” he said. “This is just another forum, another opportunity for utilities to kind of get together and discuss, ‘Hey, these are the things that that concern us.’”

Stressing the cybersecurity monitor is not an auditor, Bondurant said, “We’re here to come alongside the utilities and get a better understanding of what we are and where we’re at, cyber security-wise across the state.”

“Texas is a huge space, and it’s pretty hard to be able to touch every single one of the utilities within the state. This program kind of helps us get an overall, generalized view of what we look like across the board, whether it’s municipal utilities, co-ops or investor-owned utilities,” he added.

Recent topics have included unmanned aerial systems, which include drones.

“That is a huge, huge topic that’s not just being talked about here in Texas,” Bondurant said. “Some of the discussion is, ‘How do we help utilities?’ [Utilities] are kind of hamstrung by federal requirements on what you can and can’t do in defense of your systems in concern with unmanned aerial systems. We’re discussing this, seeing what can be done legislatively to give [utilities] additional tools [to] combat this.”

The program will hold a Critical Infrastructure Cybersecurity Summit on Oct. 9-10 on the University of Texas at San Antonio campus. It will feature speakers from the U.S. Department of Energy, the federal Cybersecurity and Infrastructure Security Agency, NERC and other security professionals.

Public Utility Commission of Texas (PUCT)