GlobalSign News & Events

8 November 2012

GlobalSign Report Explains Why the Federal Energy Regulatory Commission Investigated Electric Industry Security Standards

Allegations that Certificate Authorities Violated Security Standards Proven Unfounded

Boston, MA - November 8 2012 - GlobalSign (www.globalsign.com), one of the leading providers of SSL Digital Certificates worldwide, today published its Federal Energy Regulatory Commission (FERC) Investigation Analysis Report. The report explains why FERC conducted a recent investigation into North American Energy Standards Board (NAESB) Public Key Infrastructure (PKI) cyber security standards, which are designed to reduce risk within the Wholesale Energy Quadrant, and also provides a summary of FERC's findings.

In July, at the request of Senators Joe Lieberman, I-Conn., and Susan Collins, R-Maine, FERC began an investigation to determine whether or not allegations were true that Certificate Authorities (CAs) were placing the Electric Sector in jeopardy by providing the wholesale energy industry with SSL Digital Certificates that did not comply with NAESB PKI standards.

In August, FERC concluded that no CAs had issued any digital certificates that violated standards or regulations. FERC further said that assertions the Electric Sector was in jeopardy due to alleged violations were also unfounded. FERC stated: NAESB standards are aimed at facilitating the security of commercial transactions, and are separate from the obligation of affected utilities under section 215 of the Federal Power Act (FPA) to take steps to ensure the cybersecurity of the bulk-power system.

"There is significant misunderstanding when it comes to the electric grid's strengths and vulnerabilities and how it is protected against cyberthreats — misunderstanding that causes fear, uncertainty and doubt, as well a misallocation of scarce security resources," said Lila Kee, chief product and marketing officer at GlobalSign and board member of the North American Energy Standards Board (NAESB) Wholesale Electric Quadrant end-users segment. "FERC did an excellent job of debunking the false allegations and revealing the truth. We are making our analysis freely available to any organization or individual who needs to understand the differences between commercial power systems and bulk-power systems, and related security risks."

In addition to summarizing the FERC investigation findings, the GlobalSign FERC Investigation Analysis Report provides background on different sectors of the electric industry and identifies the key government agencies that regulate electric power providers. The report also includes:

•   An executive summary of the situation leading to the investigation and the report's conclusions

•   Definitions of PKI and SSL Digital Certificates

•   An explanation of the role CAs play in the electric sector

•   A comprehensive Q & A that provides related facts and background information

To access the GlobalSign FERC Investigation Analysis Report visit: https://www.globalsign.com/resources/globalsign-ferc-analysis-report.pdf.

To access the complete FERC investigation report visit: http://www.ferc.gov/EventCalendar/Files/20120827175825-EL12-86-000.pdf.

About GMO GlobalSign

GlobalSign, founded in 1996, is a provider of identity services for the Internet of Everything (IoE), mediating trust to enable safe commerce, communications, content delivery and community interactions for billions of online transactions occurring around the world at every moment.  Its identity and access management portfolio, acquired from Ubisecure in September 2014, includes access control, single sign-on (SSO), federation and delegation services to help organizations and service providers create new business models for customer and partner interactions.  The former Ubisecure operation is now the GlobalSign Center of Excellence for IAM, located in Helsinki, Finland. GlobalSign’s solutions are designed to address the massive scalability demanded by the emerging $14.4 trillion IoE market, where the ability to make secure networked connections among people, processes, data and things, will require that every “thing” have a trusted identity that can be managed.  The company has offices in the U.S., Europe and throughout Asia.  For the latest news on GlobalSign, visit www.globalsign.com or follow GlobalSign on Twitter (@globalsign ).

About GMO Cloud KK

GMO Cloud K.K. (TSE: 3788) is a full-service IT infrastructure provider focused on cloud solutions. Established as a hosting company in 1996, the company has managed servers for more than 130,000 businesses and now has 6,500 sales partners throughout Japan. In February of 2011, the company launched GMO Cloud to enhance its focus on cloud-based solutions. Since 2007, the company has also grown its GlobalSign SSL security brand through offices in Belgium, U.K., U.S., China and Singapore. For more information please visit http://ir.gmocloud.com/english/ .

GMO Internet Group

GMO Internet Group is an Internet services industry leader, developing and operating Japan’s most widely used domain, hosting & cloud, ecommerce, security, and payment solutions. The Group also comprises the world’s largest online FX trading platform, as well as online advertising, Internet media, and mobile entertainment products. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. For more information please visit http://www.gmo.jp/en/.

Share this article

Back to GlobalSign Newsroom

Media Relations

For further information on GlobalSign press releases,
events or for media enquires please contact:

Janine Marchi
Communications Manager
Call: 603-570-7060
Email: press@globalsign.com