SAN ANTONIO, Texas — CPS Energy said while there is a heightened sense of awareness, a cyberattack could happen, but these threats are not new. The power company has been taking precautions for some time, including some actions most of us are taking.
Customers do not see it when they turn on the lights. But behind the scenes, the utility is protecting our power, says Shanna Ramirez, legal counsel for CPS Energy.
“We are in constant contact with our federal agency partners, our military partners, industry partners and our municipal entity partners to share intelligence on a near real-time basis to understand what everybody is seeing on their systems, and what can we share to make sure that we’re all the best protected here in our community,” said Ramirez. “We have been doing exercises and drills to make sure that we are ready to respond to this threat.”
Some money from the recent rate increase will go towards technology updates, but CPS Energy assured customers, right now, the system is secure.
“We have been putting dollars into our cybersecurity for years,” Ramirez said. “The dollars that we requested as part of the rate case really are for technology upgrades that will need to be secured, but that’s looking forward. Right now, we have fantastic tools in place.”
Plus, while Texas is on its own electrical grid, it still follows federal regulations for cybersecurity.
“There are some minimum criteria for what needs to be done with some real fines and some instituting of new standards over the years. That’s been an ongoing evolution and getting better and better,” said Jesson Bradshaw, energy consultant for Energy Ogre.
Just like most of us, CPS Energy employees are going through cybersecurity training so hackers have a harder time.
“Things like maintaining a strong password strength and complexity, things like making sure you’re not clicking on unknown links in emails and looking at our internet activity for anomalies and things that just shouldn’t be there, backing up our data,” Ramirez said.
Plus, the power company is extending its security outside of its facilities.
“Our other industry partners have to be secure, our vendors, our suppliers, all those folks that we plug into electronically every single day,” Ramirez said.
It is not just cybersecurity is not the utility's only focus. The physical security of its facilities is also being addressed.
“I’m a lot less worried about cybersecurity than I am physical security,” Bradshaw said. “That would be a bigger concern that I would have. I do know that there are layers and layers of security associated with this. I would be surprised if it were relatively easily breached.”
Yet, CPS Energy also asked customers to prepare, too, because the power can go out at any time because of a cyberattack or natural disaster.
“We very much depend upon our electricity infrastructure and it usually operates so flawlessly on a day in and day out basis that we don’t really pay much attention to it because it just works,” Bradshaw said. “But it does make sense for us to have, you know, a consistent amount of preparedness, whether it be flooding, winter storms, or if we had a heatwave or some type of crisis that those types of things are in put in place where you’re trying to spend a little bit of time ahead of time thinking about, okay, what would happen if I had to go without electricity for 12 or 24 or 36 hours?”
That includes having an emergency kit of food, water, medications and money.
You can also help CPS Energy keep the lights on by making sure you have a strong password for your online CPS Energy account. It is one more challenge and layer of security hackers to have to crack.