A new federal effort aims to help energy companies protect themselves from hackers trying to shut down the power grid.
It's not exactly a far-off threat. Last year, a Ukrainian utility company suspected cyber intruders caused a major power outage; the year before that, a U.S. cyber firm concluded a Russian hacking group called Sandworm was responsible for another blackout at another Ukrainian power company.
So what do energy companies need? The National Institute of Standards and Technology has one idea, but is open to other suggestions, at least until April 17.
In NIST's proposed "Situational Awareness" project, companies need to track their operational technology in real time. They also need to protect the information technology associated with the controls of physical assets so they can detect anomalies or security breaches early on, and generate lots of data about those operations to establish baselines.
The architecture should involve "security incident and event management," including processes for managing outages, and any products that could "ensure the integrity and accuracy of data collected from remote facilities," according to NIST.
Those elements might help energy companies fix internal problems, but also "investigate the chain of events that led to the anomalies, and share findings with other energy companies," NIST said. And collecting real-time data about network activity can help energy companies demonstrate to outside groups they're compliant with information security standards.