The Asset to Vendor (A2V) Network for power utilities, a joint venture between Fortress Information Security and American Electric Power (AEP) birthed in November, 2019, aims to promote collaboration among electric companies to protect the U.S. power grid from cyber threats.
One of the nascent association’s guiding principles for member energy suppliers is to reduce the costs associated with cybersecurity regulatory compliance to cope with budgetary limitations. Another is the ability to contribute their own completed risk assessments for purchase by the network and to receive a portion of the proceeds to recoup some of their costs. Yet another is to add to the national cyber risk assessment briefcase for utilities.
In June 2020, A2V landed its first partner in Atlanta-based Southern Company. Now the venerable Hitachi ABB Power Grids said it has joined the A2V group, toting its cybersecurity preparedness with U.S. and Canadian power utilities to share.
Hitachi ABB is a major supplier of grid infrastructure, operations and control systems for power utilities throughout the U.S., headquartered principally in Switzerland and in Raleigh, North Carolina, with power grid operators in North America deploying its energy technology capable of “withstanding cyber threats from multiple threat actors,” the company said. It intends to share responses to cybersecurity assessment requests from the company with current AEP and Southern members and future participants.
"Utilities are required to conduct cybersecurity assessments of many of their vendors to remain in compliance with regulatory requirements,” said David Goddard, who heads Digital at Hitachi ABB. “By sharing information through the Asset to Vendor Network, Hitachi ABB Power Grids is simplifying the process for utilities and reducing the amount of effort and cost involved in completing multiple, similar assessments. This in turn frees up resources for all concerned, enabling them to focus on their core businesses, maintaining strong, reliable and resilient grids."
Drawing on information from multiple vendors housed in a single location, A2V members can access standardized assessments that will lower their risk and expedite their compliance with Critical Infrastructure Protection standards from the North American Electric Reliability Corporation, Fortress said. In addition, A2V is also helping utilities comply with the White House's new Executive Order on the acquisition and installation of bulk power system equipment sourced from foreign adversaries. In July, the Federal Communications Commission formally banned Chinese telecom equipment makers Huawei and ZTE, long alleged by U.S. officials to be glaring threats to national security, from supplying gear to U.S. installations.
Hitachi ABB Power Grid: More Perspectives
"Hitachi ABB Power Grids is making a huge statement that transparency and trust is core to their business," said Alex Santos, chief executive and co-founder of the Orlando, Florida-based Fortress. "This action will make the grid safer. Because of Hitachi ABB Power Grids' participation, utility companies will be better positioned to take fast action to protect their customers and physical assets from cyber threats."
It’s a similar sentiment to what Santos expressed when Southern joined the network. “The utility industry, like no other, is built on the foundation of collaboration. When faced with a challenge, whether it be a natural disaster or an attack on a power grid, the industry comes together,” he said at the time.
Power utilities share many of the same supply chain vendors for equipment, software and services for their Bulk Electric Systems, an industry practice that hackers have exploited in an increasing number of attacks on the energy grid.
