UTC Produces New Research Report – Utility Security and Supply Chain Risk Management
Washington, DC, July 13, 2016 – Electric utilities are taking a deeper look at security and supply chain risk. There is progress across the board: corporate security governance, understanding of threats, differentiating compliance from security, even security spending. UTC, the Utilities Technology Council, surveyed its member utilities to learn their current thinking on cybersecurity and supply chains. The results are presented in UTC’s new report, Utility Security and Supply Chain Risk Management. All respondents were utility employees – this report has the voice of utilities.
The report examines ten key issues, often with non-intuitive responses from our members:
- Utilities take a common approach to security reporting structures.
- As an industry, utilities have a consistent view of risk.
- How consistently is risk viewed within one utility?
- Most utilities spend approximately the same percentage of their OT budget on security.
- Does compliance really, truly drive security spending?
- Security policy development is not where you think it is.
- One factor indicates whether or not the Board is involved in Security.
- How well are utility security functions aligned?
- Different sized utilities think differently about supply chain risk.
- How does centralization correlate to the size of a utility?
Beyond merely reporting the responses, UTC provides analysis and links multiple questions to reach sometimes surprising about utilities’ current state of mind. The report offers recommendations for each of these ten topics. This report has something for everyone. For utilities it is a solid baseline, answering the question, “Am I doing enough about security?” For vendors and other technology partners, the report examines key points about which utilities care. The UTC report, Utility Security and Supply Chain Risk Management, can be purchased at www.utc.org/resources
The Utilities Technology Council (UTC) is a global trade association dedicated to serving critical infrastructure providers. Through advocacy, education and collaboration, UTC creates a favorable business, regulatory and technology environment for our members who own or operate Information and Communication Technology (ICT) systems in support of their core business