Thursday, October 6, 2011

Electric Utility Silo Busting Strategies Emerge from Smart Grid Security Summit West


One theme kept surfacing across panels at the conference this year. It was that as Smart Grid projects increasingly lead utilities' cybersecurity professionals, most often reared in the IT world, to wade into non-IT business divisions, there are better and worse ways for making connections across organizational silos or stovepipes.

In one case, a senior security professional cited the responsiveness he gets from being a direct report to the COO. Some said top-down power can spur instant movement, though it's likely not helpful for creating and maintaining sustainable good will over time.

Another, less senior guy said that at first he used to try to impress folks in operational organizations with his technical and security credentials up front.  And man, did that approach bomb.

He reported quickly learning that a more humble approach was far more effective. These days, this same guy simply begins with something like, "Hi, I'm John from IT, and I'd like to learn more about your business" and gets better cooperation every time.

Remember the embedded journalists in Iraq? They lived/slept/ate/worried/celebrated and sometimes were wounded or killed alongside the soldiers they were closest to. I think one approach a large utility might employ to infuse more security awareness and capability into its different business units might employ something like this approach.

I suggest that trust is the industrial-strength, organizational-stovepipe-dissolving solvent of first choice. And that  other forms of soft power will go much further in bridging the cultural divides required to foster a most security conscious climate, enterprise-wide. OK, I'll leave it at that for now.

Image credit: CStreet360 on Flickr.com