The city of Miami and several commercial partners plan to rollout a "smart grid" citywide electrical infrastructure by the year 2011. This rollout proceeds on the heels of news that foreign agents have infiltrated our existing electrical infrastructure and that recent penetration tests have uncovered numerous vulnerabilities in the proposed technologies. Simultaneously, the National Institute for Standards in Technology (NIST) has recently released a roadmap for producing Smart Grid standards. In this Turbo Talk, I will discuss the flaws with the current guidelines and map them to the criticisms of similar regulatory mandates, including the Payment Card Industry Data Security Standard (PCI DSS), that rely heavily on organizations policing themselves.
<strong>Tony Flick</strong> has been working in the Information Security field for more than 6 years. As a security consultant, Mr. Flick has assisted numerous organizations in achieving compliance with federal regulations and industry standards. His expertise includes risk management and compliance, assessments and audits, and research in emerging technologies. Mr. Flick has previously presented at the OWASP Tampa local chapter on application security concepts.