Utility Security Podcast

Utility Security Podcast - Deep Dive - Rocking the Boat - Why Utility Security Must Challenge the Status Quo

In the utility sector, the most formidable adversaries aren't always external threats. Often, the biggest hurdles are internal: complacency, misconceptions, and parochialism. In this episode, we dive into the critical need to challenge the "if it ain't broke, don't fix it" mindset. Discover why this internal resistance can be more dangerous than any external threat actor and learn practical strategies to dismantle these obstacles, foster a holistic security culture, and build a truly resilient and sustainable protection stance for our critical infrastructure.   Read the article written by Jim Willis - https://utilitysecurity.com/blog/rocking-the-boat-why-challenging-the-status-quo-is-essential-for-protection/ Key Takeaways   * Internal Obstacles are Formidable: The greatest challenges to enhancing utility security are often internal biases and resistance to change, specifically complacency ("it hasn't happened yet"), misconceptions about security, and parochialism (departmental silos). * Complacency is the "Silent Assassin": A false sense of security, often built on a long period without a critical incident, leads to relaxed protocols and slashed budgets, leaving the organization vulnerable. * Compliance Does Not Equal Security: Simply meeting minimum regulatory standards (like NERC-CIP) is not a comprehensive security strategy. A robust posture must be proactive, holistic, and continually evolving. * Security is a Shared Responsibility: Effective security is not just an IT problem, a silver bullet technology, or the sole responsibility of law enforcement. It requires a collaborative, "all-hands-on-deck" approach that breaks down departmental silos and involves every employee. * Challenging the Status Quo is Essential: To stay ahead of evolving threats, security professionals must be willing to "rock the boat" and push for change, even if it's unpopular. This involves fostering cross-departmental collaboration, promoting an "all in the same boat" attitude, and leveraging industry partnerships. 3 Questions & Answers   1. Q: The article mentions "complacency" as vigilance's silent assassin. Why is this specific mindset so dangerous in the utility industry? A: Complacency is dangerous because security threats are often intangible and can be easily overlooked. A utility might go decades without a major incident, which creates a false sense of security. This "it hasn't happened yet" attitude leads to security budgets being cut, protocols becoming optional, and a static security posture that is completely unprepared for the modern, evolving threat landscape. 2. Q: What is one of the biggest misconceptions about security that the article debunks? A: A primary misconception is that compliance equals security. Many utilities believe that by meeting the minimum regulatory requirements, like NERC-CIP standards, they are secure. The article argues that this is just "ticking off boxes." A truly robust security stance is proactive, inclusive, and protects against emerging threats on all fronts, going far beyond any minimum compliance standard. 3. Q: The article talks about "parochialism," or departmental silos. How can an organization overcome this "it's not my problem" mindset? A: To overcome parochialism, security must be redefined as a corporate-wide effort. The article suggests fostering cross-departmental collaboration through joint security task groups (with members from IT, OT, physical security, HR, etc.), promoting an "all in the same boat" attitude through comprehensive training so every employee understands their role, and leveraging industry partnerships like ISACs to build a strong collective defense.   #UtilitySecurity #CriticalInfrastructure #CyberSecurity #SecurityCulture #RiskManagement

Utility Security Podcast - Deep Dive - Substation Intrusion - Are You Ready To Respond?

Utility Security Podcast - Deep Dive - Substation Intrusion - Are You Ready To Respond? Written by Ross Johnson [https://utilitysecurity.com/blog/author/rossjohnson/] on August 26, 2025. Posted in Infrastructure Security [https://utilitysecurity.com/blog/category/infrastructure-security/].   A critical security breach at a power substation on Christmas morning. It’s a nightmare scenario, but one that utilities must be prepared for. In this episode of the Utility Security Podcast, we explore the vital, yet often overlooked, steps required to forge an unbreakable link between utility security and local law enforcement. Discover why a simple 911 call is a "massive failure in preparation" and how to proactively equip police with the context and logistical details they need for a rapid and effective response. Dive deep into the strategies that can drastically reduce police response times, as highlighted in a real-world case study from the Pacific Northwest where coordination slashed response from 12 to just 5 minutes. Learn about the importance of sharing threat intelligence, prioritizing critical sites, and using innovative tech like What3words for pinpoint location accuracy. For a more in-depth look at this topic, check out our companion article: Substation Intrusion: Are You Ready to Respond? [https://utilitysecurity.com/blog/substation-intrusion-are-you-ready-to-response/]   Key Takeaways * Proactive communication is key: Don't wait for an emergency to establish a relationship with local law enforcement. Regularly share intelligence, detail the potential community impact of an outage, and jointly develop response plans. * Response time dictates physical security: The time it takes for police to arrive directly informs the level of physical hardening required for a substation. A longer response time necessitates stronger fences, gates, and locks. * Scripting 911 calls is crucial: Vague language can lead to a low-priority dispatch. Use pre-agreed, scripted phrases that clearly communicate the severity of the situation to ensure an immediate, high-priority response. * Technology can save precious minutes: Tools like What3words for precise location mapping and secure, real-time video feeds can provide law enforcement with invaluable situational awareness during an incident. * Joint training is non-negotiable: Conduct regular walkthroughs and scenario-based drills with police to test communication protocols and identify weaknesses in the response plan before a real incident occurs.   Questions and Answers Q1: Why is simply calling 911 during a substation intrusion considered a "massive failure in preparation"? A1: It's considered a failure because, without prior coordination, the 911 dispatcher and responding officers will lack the critical context to understand the severity of the event. They may treat the call as a simple trespassing or property damage incident, leading to a delayed, low-priority response. This lack of preparation means the police won't have the necessary logistical information, such as access codes, key locations, or an understanding of the immense public safety risk, which could result in catastrophic damage before they can effectively intervene.   Q2: What is the "de-energization dilemma" and how can utilities solve it? A2: The "de-energization dilemma" refers to the fact that police officers are not trained to and will not enter a high-voltage substation while it is energized due to the extreme danger. To solve this, utilities must establish a clear, rapid, and rock-solid internal procedure for de-energizing the site, or a specific part of it, to allow for safe entry. This includes designating who has the authority to make that call 24/7 and ensuring they can be contacted instantly. This entire process should be practiced in joint drills with law enforcement.   Q3: How does police response time directly influence a substation's physical security engineering? A3: The estimated police response time is a foundational metric for designing a substation's physical security. The security measures—fences, gates, locks, and other barriers—must be engineered to resist intruders for a duration that is at least as long as the police response time. For example, if the police have a guaranteed 12-minute response time, the facility's physical barriers must be rated to delay an intruder for a minimum of 12 minutes. If the delay rating is less than the response time, you have engineered a "window for failure".   #UtilitySecurity #CriticalInfrastructure #GridSecurity #PhysicalSecurity #SubstationSecurity #EmergencyResponse

Utility Security Podcast - How Lidar & 3D Modeling are improving Utility Security

Editor Curtis Marquardt has a conversation with Martin Vojtek from Hexagon to discuss their work with EG. D, a Czech Republic Electric Utility that serves nearly three million customers, to secure substations using Lidar technology. Vojtek shares what expectations EG.D had for the technology and how they utilized the solution to not only achieve security goals, but safety and maintenance goals as well.   Tune in to stay updated and informed about securing our nation's utilities! Subscribe to Utility Security Magazine at no cost! - https://utilitysecurity.com/subscribe-now/ [https://utilitysecurity.com/subscribe-now/]   #UtilitySecurity #DisasterResponse #CriticalInfrastructure #UtilityResilience #Lidar

Utility Security Podcast - Disaster Response Security - Proven Strategies with VRP Group’s Ross Falisi

In this episode of the Utility Security Podcast, host Curtis Marquardt, Jr. sits down with Ross Falisi of VRP Group—a seasoned expert in utility and disaster security. As hurricane, flood, and wildfire seasons ramp up, utilities must prepare to protect both their people and their reputation in the face of increasing threats—from natural disasters to civil unrest and targeted attacks.   Ross shares actionable strategies drawn from real-world experience, including how to build effective disaster response plans, why flexibility (or “Semper Gumby”) is essential, how to safely manage worker camps, and why hiring the right kind of security firm can make or break your operation. Whether you’re a utility executive, storm boss, or security leader, this episode is packed with frontline-tested insights that can help you prevent chaos, control risk, and come out of a crisis stronger than before.   Key Takeaways: * Preparation is critical, but flexibility is what sustains effective disaster response. * Command and control structures are vital—especially in chaotic, resource-limited environments. * Camps for crews must be secured and alcohol-free to reduce risk of injury, crime, and reputation damage. * Not all security is created equal: Vet security vendors thoroughly and ensure they specialize in disaster environments. * Community engagement, cultural awareness, and proper de-escalation training are essential to protect both workers and public relations.   3 Q&As from the Episode:   Q1: Why should utilities prohibit alcohol in worker camps during disaster response? A: Because 90% of camp incidents—injuries, assaults, and more—can be linked to intoxication. Eliminating alcohol drastically reduces operational risk. Q2: What’s “Semper Gumby” and why is it important? A: It’s the mindset of staying flexible. Even with a great plan, conditions change fast. Flexibility helps teams adapt while maintaining control and safety. Q3: Why are off-duty police officers not always the best security option? A: While experienced, they’re legally bound to public duties first. In disaster scenarios, this can compromise your assets and operations. Specialized, contracted security teams ensure focus, structure, and accountability.   Tune in to stay updated and informed about securing our nation's utilities! Subscribe to Utility Security Magazine at no cost! - https://utilitysecurity.com/subscribe-now/ [https://utilitysecurity.com/subscribe-now/]   #UtilitySecurity #DisasterResponse #CriticalInfrastructure #UtilityResilience #FieldCrewSafety #StormRecoverySecurity

Utility Security Podcast: Defending Utilities from the Drone Threat: Expert Strategies with Bill Edwards

In this episode of the Utility Security Podcast, host Curtis Marquardt welcomes back Bill Edwards of Phoenix 6 Consulting to discuss the growing threat of drones (UAS) to critical infrastructure. They explore how rapidly evolving drone technology—like first-person view (FPV) control and signal-dark modes—poses unique detection and mitigation challenges. Bill breaks down the latest federal executive orders, outlines proactive, low-cost steps utilities can take now, and emphasizes the importance of risk assessment, training, and layered detection strategies. Whether you’re a utility security professional, emergency planner, or critical infrastructure manager, this episode provides expert insight on preparing for the next wave of air-domain threats. Stay ahead of evolving risks and learn practical ways to safeguard your assets, teams, and communities against this rapidly growing challenge.   Tune in to stay updated and informed about securing our nation's utilities! Subscribe to Utility Security Magazine at no cost! - https://utilitysecurity.com/subscribe-now/ [https://utilitysecurity.com/subscribe-now/]   ✅ Key Takeaways 1. Drone technology is evolving rapidly—with new capabilities like FPV control and signal-dark modes making detection harder. 2. Executive Orders signal growing federal support—but mitigation authority remains largely federal, requiring local facilities to prepare now. 3. Proactive planning matters—even without mitigation authority, utilities can do risk assessments, training, and policy development. 4. Layered detection is key—combining RF sensors, radar, optical, and acoustic approaches. 5. Education is foundational—understanding the threat ecosystem is essential for smart, cost-effective security investments.   3 Questions and Answers   Q1: Why is the drone threat to utilities growing so quickly?   A: Drone technology is advancing in weeks, not years. Features like first-person view (FPV), improved payload capacity, and “dark mode” make drones cheaper, easier to control precisely, and harder to detect. Q2: What can utilities do if mitigation authority is federal-only?   A: They can still act now with low- or no-cost steps: educate leadership, assess vulnerabilities, develop emergency response plans, and integrate air-domain awareness into existing security programs. Q3: How can utilities improve drone detection?   A: By implementing layered detection strategies using radio frequency sensors, radar for non-emitting drones, high-fidelity optical cameras, and acoustic sensors—ensuring redundancy and coverage.   #UtilitySecurity #DroneThreat #CriticalInfrastructure #AirDomainAwareness #EmergencyPreparedness