Accessibility/Mobile Features
Skip Navigation
Editorial News
Classified Sites


Hydro found lacking in its attention to cyber-security

Is Manitoba Hydro prone to a cyber-attack? Could the lights go off because of a hacker, terrorist, disgruntled employee or hostile government? Or could simple equipment failure or bad weather cause havoc?

That's what the province's auditor general set out to find in an examination of the Crown corporation's fail-safes in its industrial control systems (ICS).

Auditor general Carol Bellringer said ICS controls and monitors much of Hydro's electrical generation, transmission and natural gas distribution system.

"Everything going into the electrical system has a computer control that's really critical," she said. "What we found (was) the attention to the full risks was insufficient."

Specifically, the audit looked at Hydro's compliance to the North American Electric Reliability Corporation's (NERC) critical infrastructure protection standards, which include cyber-security control.

The audit sets out a number of recommendations Hydro should follow to meet NERC compliance -- recommendations the utility says it's already addressing.

They include conducting an internal assessment of its ICS cyber-security risks, including cyber-security as a corporate risk, and assigning corporate-wide cyber-security to one executive and corporate-wide physical security to one executive. It should also develop and deliver a security training and awareness program for all staff involved with ICS systems.

Why does it matter?

"To monitor and control the generation, transmission and distribution of electricity, as well as the distribution of natural gas, Manitoba Hydro uses many industrial control systems (ICS)," said the Office of the Auditor General. "We chose to audit Manitoba Hydro's ICS systems because of the significant impact that a loss in the reliable flow of power and gas can have on public safety and on the provincial economy.

"ICS systems control and monitor actual physical devices that, if compromised, could result in unintentional and/or inappropriate commands that could lead to equipment malfunction, causing significant risk to the health and safety of Manitobans as well as the environment. It is essential that the risks to ICS systems are properly managed."


Source: the Office of the Auditor General

  • Rate this Rate This Star Icon
  • This article has not yet been rated.
  • We want you to tell us what you think of our articles. If the story moves you, compels you to act or tells you something you didn’t know, mark it high. If you thought it was well written, do the same. If it doesn’t meet your standards, mark it accordingly.

    You can also register and/or login to the site and join the conversation by leaving a comment.

    Rate it yourself by rolling over the stars and clicking when you reach your desired rating. We want you to tell us what you think of our articles. If the story moves you, compels you to act or tells you something you didn’t know, mark it high.

Sort by: Newest to Oldest | Oldest to Newest | Most Popular 0 Commentscomment icon

You can comment on most stories on You can also agree or disagree with other comments. All you need to do is register and/or login and you can join the conversation and give your feedback.

There are no comments at the moment. Be the first to post a comment below.

Post Your Commentcomment icon

  • You have characters left

The Brandon Sun does not necessarily endorse any of the views posted. Comments are moderated before publication. By submitting your comment, you agree to our Terms and Conditions. New to commenting? Check out our Frequently Asked Questions.


Make text: Larger | Smaller

2017 Brandon Sun Community Leader Awards
Brandon Sun - Readers Choice Results
Why Not Minot?

Social Media