Responsible Cybersecurity Vulnerability Disclosure Practices for the DER Industry. – SunSpec Alliance

Events - SunSpec AllianceMember News - SunSpec AllianceMember Only News - SunSpec AllianceNews - SunSpec AllianceUncategorized - SunSpec Alliance
April 17, 2023

 

Responsible Cybersecurity Vulnerability Disclosure Practices for the DER Industry

Abstract

Vulnerability disclosure is the practice of reporting security flaws in computer software or hardware. Security researchers and others examine software and hardware products to find flaws. When flaws are found, and to preempt bad actors from finding and exploiting the flaws themselves, individuals inform vendors of the affected products so that defects can be eliminated. Sounds easy, right?

Unfortunately, vulnerability disclosures can be tricky. While vendors often prefer to wait until they know a problem is solved before disclosing to their customer bases, customers–whose data or systems may be at risk–prefer quick public disclosure and immediate resolution.

How can we balance these divergent interests, get the word out in a responsible and timely manner, and keep the energy grid going? In this one hour session, our panel of experts will explore this topic and describe how practitioners can manage disclosure in a responsible way.

Our panelists include Tom Tansy, Jay Johnson and special guests from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Mitre Corporation.

 

Tom Tansy
CEO of DER Security Corp
Chairman of SunSpec Alliance

 

Jay Johnson

Principal Member of Technical Staff at Sandia National Laboratories

 

 

You might also like

February 13, 2025
Event Recap Posts - SunSpec AllianceEvents - SunSpec AllianceMember News - SunSpec AllianceMember Only News - SunSpec AllianceNews - SunSpec AllianceVideos - SunSpec AllianceWebinars - SunSpec Alliance

Webinar: SunSpec – Intersolar & Energy Storage North America

January 16, 2025
Industry

Annual members meeting – SunSpec Alliance

Companies and individuals who want to drive standards in the Distributed Energy industry should join the SunSpec Alliance. Our objective is to accelerate the growth of the renewable energy economy by enabling SunSpec Alliance members to leverage the benefits of automation, interoperability, economies of scale, and full participation in the Smart Grid.

December 20, 2024
Uncategorized - SunSpec Alliance

SunSpec Accepts Nomination to Manage CSIP Test Procedures – SunSpec Alliance

SunSpec Alliance to Lead IEEE 2030.5 CSIP Stewardship Following CPUC Decision The California Public Utilities Commission (CPUC) has approved the