skip to Main Content
GridSME Welcomes Mark Rabuano as Director of Regulatory Compliance
October 12, 2018

GridSME Welcomes Mark Rabuano as Director of Regulatory Compliance

Grid Subject Matter Experts is excited to announce its new addition to the team, Mark Rabuano, as the Director of Regulatory Compliance. Mark has a strong legal background and substantial experience in energy regulation and compliance for public utilities and independent power producers. By joining GridSME, Mark will assist our GO/GOP clients by maintaining programs that mitigate and manage the risk of potential NERC compliance violations.

Prior to joining GridSME, Mark worked for the NAES Corporation from 2016 to 2018 as the Manager of NERC Services, where he directed management and oversight of 70+ NERC GO/GOP compliance programs, including implementation of procedures and internal controls necessary to maintain NERC compliance. Mark also worked at PacifiCorp from 2010 to 2016 in various roles including Senior Counsel of Pacific Power.

Mark graduated from UCLA Anderson School of Management with a Master’s in Business Administration, the University of Pennsylvania Law School, Juris Doctor, and Wake Forest University, Bachelor of Arts in History and Communication.

Mark currently resides in Redmond, Washington and will telecommute with frequent visits to the GridSME office.

Welcome Mark!

The Recent Attacks on U.S. Nuclear Plants – Perspective for Your Environment

Throughout the first two weeks of July, news articles with sensational headlines warning of cyber attacks targeting nuclear plants were found throughout news outlets across the world. Keen readers may have noticed some parallels between those articles and the recent NERC Alert regarding the advanced persistent threat (APT) detected by the FBI and DHS—if you assumed both were describing the same threat, you were right.

So if the threats are credible, and they are in fact targeting nuclear plants on U.S. soil, why shouldn’t you be freaking out just yet?

Read the full post here.

NERC Alert – Advanced Persistent Threat – Remediation Recommendations

When it rains, it pours—and its pouring in the cyber security world right now. Below is the first of many detailed cyber security recommendations and implementation guidelines we are releasing to help raise awareness, share information, and collectively improve our security posture as an interconnected grid. We are taking these threats seriously and we hope you are too.

An advanced persistent threat (APT) has been identified by the FBI and DHS, and documented in both a Joint Analysis Report (JAR) and the NERC Alert issued June 30, 2017.

Read the full post here.

NERC Alert – Crash Override – Challenging Beliefs

A NERC Alert issued June 13, 2017 advises on the Crash Override malware found to be behind the December 2016 attack on the Ukrainian power grid. While the NERC Alert provides many great details on the malware’s technical characteristics, the fact of the matter is Crash Override is among the most sophisticated ICS-specific malware variants ever detected, with the ability to “cause loss of visibility, loss of control, manipulation of control, interruption of communications, and deletion of local and networked critical configuration files.” Perhaps most concerning is the malware’s ability to be easily tailored to specific ICS environments, communication protocols, and devices.

This type of sophisticated malware forces us to rethink some common predisposed cybersecurity beliefs:

Read the full post here.

NERC Report on August 2016 Solar PV Disturbance

On June 8th, NERC issued a report that stemmed from a joint NERC/WECC investigation into the loss of solar generation that occurred on August 16, 2016 resulting from line faults due to a nearby wildfire. “By the end of the day, the SCE transmission system experienced thirteen 500 kV line faults and the LADWP system experienced two 287 kV faults … four of these fault events resulted in the loss of a significant amount of solar photovoltaic (PV) generation” including a “single loss of nearly 1,200MW.”

Read More
GridSME’s Andrew Dressel Published in Hydro Review on NERC CIP Version 5
August 4, 2014

GridSME’s Andrew Dressel Published in Hydro Review on NERC CIP Version 5

  • August 4, 2014
  • NERC

NERCLogo

Last month, GridSME’s Andrew Dressel was featured in Hydro Review’s July 2014 issue.  His article, “NERC CIP Version 5: Impact to Hydro Owners and Operators,” focuses on the background of CIP standards, the upcoming CIP Version 5 transition, and areas of concern regarding its implementation in the hydroelectric realm.  Amongst these concerns, he highlights high watermarking as well as configuration change management and vulnerability assessments.  He advises those who haven’t begun preparation for the April 1, 2016 implementation date to start immediately and provides a list of resources that should be considered by anyone looking to stay compliant.

For more information about Hydro Review Magazine, you can go to their website: http://www.hydroworld.com/index/current-issue-index.html

Back To Top