NIST finalizes Smart Grid cyber guidelines

Friday - 9/3/2010, 8:30am EDT

Cybersecurity Update - Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on the Federal Drive with Tom Temin and Amy Morris (6-10 a.m.) and the DorobekINSIDER with Chris Dorobek (3-7 p.m.). Listen live at FederalNewsRadio.com or on the radio at 1500 and 820 AM in the Washington, D.C. metro area. The Cybersecurity Update is brought to you by Tripwire.

  • The guidelines for the Smart Grid are out! The National Institute of Standards and Technology has been working on these guidelines for nearly a year and a half. They include 189 high-level security requirements, a framework to assess risks, an evaluation of privacy issues and information for businesses to help them protect the grid from attacks and other threats. The new report was prepared by the Cyber Security Working Group of the Smart Grid Interoperability Panel, which is a public-private partnership launched by NIST with American Recovery and Reinvestment Act funding from the Department of Energy.

  • Customs and Border Protection has been lax in cyber security controls for its financial systems. According to a Homeland Security inspector general's report, problems found in 2008 continued into 2009. The lack of controls could let unauthorized users see financial information, the IG found. CBP also did not follow certification and authentication standards for its financial systems, nor did it regularly review employee access rights or enforce a strong password policy. The IG also found other policies not followed, such as cutting off access after 45 days of inactivity. The audit was conducted by KPMG under a contract to the inspector general.

Check out all of Federal News Radio's coverage of cybersecurity issues here.