Abstract: The NERC-CIP standards are the only federally mandated cybersecurity standards for critical infrastructure in the United States. Targeting the electric system, the standards have been developed to ensure the reliability and the resilience of the electric grid and prevent catastrophic failures. Although the standards have been around for almost a decade, their role in building the resilience of the electric grid is fiercely contested, with critics claiming the standards represent little more than a ‘check box’ exercise that directs attention and resources away from achieving real security. This talk will present evidence on the effectiveness of the standards in addressing risk and offer suggestions as to how the standards might be improved to enhance resilience.
About the Speaker: Aaron Clark-Ginsberg is a U.S. Department of Homeland Security Cybersecurity Postdoctoral Scholar at CISAC. His research interests center on the theory and practice of disaster risk governance, particularly resilience and disaster risk reduction approaches. He is currently researching how government regulations designed to improve the resilience of the power grid to cyber-threats are affecting utility companies.
Aaron holds a PhD and MSc in Humanitarian Action from the University College Dublin and a BA in American Studies with a Concentration in Environmental Studies from Kenyon College. Aaron's doctoral research examined how international NGOs interacted with national stakeholders to reduce disaster risk in developing countries. As part of this, Aaron traveled to ten countries in Asia, Africa, and the Caribbean to review risk reduction and resilience building approaches addressing a variety of hazards including flooding, drought, price shocks, cyclones, landslides, erosion, disease, and conflict.
Aaron has extensive experience in real world application of risk management principles. Aaron’s PhD was in conjunction with Concern Worldwide, an international Irish humanitarian organization. While at Concern, Aaron produced a series of reports on risk management in different countries and contexts designed to improve the effectiveness of Concern’s approach to risk reduction. He has also conducted policy-focused research on humanitarian reform for the World Humanitarian Summit Irish Consultative Process, the results of which were used to help develop the Irish position on humanitarian action. Aaron also spent four seasons working as a wildland firefighter for various governmental and private sector organizations across the western United States.