Microgrids can operate as cybersecurity countermeasures
A new report from Guidehouse Insights reviews recent regulatory efforts to address emerging cybersecurity threats and explores how microgrids should be configured to reduce their vulnerability to cybersecurity risks, as well as how they can be deployed as active cybersecurity solutions.
In March 2023, the Biden administration released in March 2023 the U.S. National Cybersecurity Strategy, which envisions a broad network of networks approach to cybersecurity that distributes protective capabilities across digital topologies—much like microgrids—and makes sabotaging the bulk power grid as difficult as taking down the internet.
According to the new report, specific configurations for microgrid deployments can better protect power system components from external and internal cyberattacks. Deploying microgrids this way is also consistent with the White House’s new cybersecurity strategy, which holds software vendors and original equipment manufacturers accountable for leaving their products vulnerable to cyberattacks and even envisions creating a legal cause of action permitting victims of cyberattacks to recover damages from software vendors and manufacturers.
“To address the growing cybersecurity threats against critical components of the US power grid even as the federal government embarks on the largest expansion of US infrastructure since establishing the interstate highway system, the new National Cybersecurity Strategy shifts responsibility for cybersecurity defense from individual consumers to the private sector,” says Christopher Cooper, senior research analyst at Guidehouse Insights. “The only safe harbor for manufacturers to avoid liability is to consider cybersecurity from the design phase of a transmission and distribution expansion, deploying microgrids in ways that enhance rather than undermine cybersecurity.”
Guidehouse Insights recommends that microgrid vendors and OEMs adopt cybersecurity-by-design concepts, incorporating protective functions at the design stage of microgrid controllers, equipment, and software; When deploying microgrids, utilities and other customers should follow best cybersecurity defense practices; and microgrid vendors utilizing energy-as-a-service (EaaS) financing models should develop value-based pricing for resiliency services that accounts for the direct and indirect benefits of deploying microgrids as cybersecurity solutions, according to the report.
The report, Deploying Microgrids as Cybersecurity Solutions, reviews recent regulatory efforts to address emerging cybersecurity threats and explores how microgrids can be deployed as active cybersecurity solutions, eliminating cybersecurity threats, mitigating damages, and helping stakeholders meet new, more stringent cybersecurity regulations. An executive summary of the report is available for free download on the Guidehouse Insights website.