Rural electric cooperatives power more than 19 million businesses, homes, schools and farms in the United States. They own and maintain 42 percent of the power lines in the country and serve 42 million people through mostly small and mid-sized companies.
These co-ops need to band together to tackle big challenges such as cybersecurity. With that in mind, the National Rural Electric Cooperative Association, which represents nearly 900 co-ops across the country, is working with the American Public Power Association and the U.S. Department of Energy on a $15 million, three-year program to improve both physical security and cybersecurity for local electric co-ops and similar city-owned utilities.
Improvements will help the co-ops and other small utilities as they get hit by millions of attempted cyber intrusions every day. While a cyberattack hasn’t taken down the U.S. power grid yet, the number of attempts to turn off power sources remotely is increasing.
Large, investor-owned utilities can combat these attacks by investing millions of dollars in cyber improvement. That’s not true for smaller, nonprofit organizations such as electric co-ops, which are owned by those they serve and don’t have as much funding to use for cybersecurity upgrades. That is where the DOE’s grant program comes in.
NRECA and the American Public Power Association, which represents city-owned utilities, each received $7.5 million beginning in 2016. The grants are broken into $2.5 million annual increments to be used to help smaller member utilities guard against cyberattacks. The funding is going to 150 specific co-ops. NRECA is also creating a self-assessment program that will allow its member co-ops to prioritize mitigation actions and develop a cybersecurity action plan for each organization.
Co-ops that have deployed some of the new technology made possible through the grants say they feel more informed and aware of what is happening within their systems. They are, also, continuing to see daily attempts to access their system.
That is why NRECA has used this program to develop a culture of cybersecurity rather than pursuing just one technology that will solve all problems. Cybersecurity is an ongoing process that will be assisted through 2019 with these DOE grants.