Responsible Cybersecurity Vulnerability Disclosure Practices for the DER Industry. – SunSpec Alliance

April 17, 2023

Responsible Cybersecurity Vulnerability Disclosure Practices for the DER Industry

Abstract

Vulnerability disclosure is the practice of reporting security flaws in computer software or hardware. Security researchers and others examine software and hardware products to find flaws. When flaws are found, and to preempt bad actors from finding and exploiting the flaws themselves, individuals inform vendors of the affected products so that defects can be eliminated. Sounds easy, right?

Unfortunately, vulnerability disclosures can be tricky. While vendors often prefer to wait until they know a problem is solved before disclosing to their customer bases, customers–whose data or systems may be at risk–prefer quick public disclosure and immediate resolution.

How can we balance these divergent interests, get the word out in a responsible and timely manner, and keep the energy grid going? In this one hour session, our panel of experts will explore this topic and describe how practitioners can manage disclosure in a responsible way.

Our panelists include Tom Tansy, Jay Johnson and special guests from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Mitre Corporation.

Tom Tansy

CEO of DER Security Corp
Chairman of SunSpec Alliance

Jay Johnson

Principal Member of Technical Staff at Sandia National Laboratories

You might also like

May 7, 2025

Webinar Recap – Accelerating 2030.5 & 1547 Certification – How QualityLogic is Advancing Interoperability and Conformance

  SunSpec Alliance recently hosted an insightful technical webinar featuring QualityLogic, the official SunSpec Test Software Provider, who shared their

April 28, 2025

SunSpec Alliance at the SF Climate Week Hackathon

What happens when open-source innovation meets clean energy collaboration? A lot of bright ideas. SunSpec Alliance had a blast supporting

April 21, 2025

Webinar Recap – Unlocking Grid Flexibility: Updates on Flexible Service Connection & 2030.5 CSIP

This SunSpec Alliance webinar brought together leading experts to explore how flexible service connections are unlocking new grid capacity and