Responsible Cybersecurity Vulnerability Disclosure Practices for the DER Industry.

Responsible Cybersecurity Vulnerability Disclosure Practices for the DER Industry

Abstract

Vulnerability disclosure is the practice of reporting security flaws in computer software or hardware. Security researchers and others examine software and hardware products to find flaws. When flaws are found, and to preempt bad actors from finding and exploiting the flaws themselves, individuals inform vendors of the affected products so that defects can be eliminated. Sounds easy, right?

Unfortunately, vulnerability disclosures can be tricky. While vendors often prefer to wait until they know a problem is solved before disclosing to their customer bases, customers–whose data or systems may be at risk–prefer quick public disclosure and immediate resolution.

How can we balance these divergent interests, get the word out in a responsible and timely manner, and keep the energy grid going? In this one hour session, our panel of experts will explore this topic and describe how practitioners can manage disclosure in a responsible way.

Our panelists include Tom Tansy, Jay Johnson and special guests from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Mitre Corporation.

 

Tom Tansy
CEO of DER Security Corp
Chairman of SunSpec Alliance

 

Jay Johnson

Principal Member of Technical Staff at Sandia National Laboratories

 

Subscribe

Recent Posts

Latest news from our blog

SUNSPEC ALLIANCE ANNUAL MEMBERS MEETING

Save the date Date: January 16th, 2024Time: 9am - 5pm PSTLocation: San Diego Convention CenterCost: $695, includes meals & expo passes Registration will be available on the Intersolar North America & Energy Storage North America website.SIGN UP TO BE NOTIFIED...

SUNSPEC ALLIANCE ANNUAL MEMBERS MEETING

Save the date Date: January 16th, 2024Time: 9am - 5pm PSTLocation: San Diego Convention CenterCost: $695, includes meals & expo passes Registration will be available on the Intersolar North America & Energy Storage North America website.SIGN UP TO BE NOTIFIED...

Sunspec at re+ in Las Vegas

Event #1 Unleashing the Power of Customer DERs: Achieving Grid Stability through ConnectivitySession Date: Thursday September 14, 2023Session Time: 9:30 AM - 10:00 AMTheater Location: Industry Trends, Booth #157, Sands Expo, Level 2 Session Description: The potential...

SunSpec Cybersecurity Certification Program Launch

Setting A Cybersecurity Baseline for DER Device Now Overview: Distributed Energy Resources (DER), composed of solar, energy storage, and electric vehicles, are quickly emerging as the most important elements of the electrical grid:"critical infrastructure" that...

SunSpec Alliance is the information standards and certification organization for the Distributed Energy Resource (DER) industry. SunSpec communication standards address operational requirements of solar and energy storage on the smart grid.

Powered By MemberPress WooCommerce Plus Integration