Lights Out — Destroying America, One Infrastructure at a Time

Today it is Friday, and it has been an interesting week. I watched the Republican debate with interest, and the commentary that followed. While not a major topic, the overreach of big government in regulating industry did come up during the debate. I can't deny that there is overreach at times. I won't go into the details, but here in Washington state, you can't discharge "tap water from local water systems" into Puget Sound. I think that is "overreach" in my opinion.

Then Ted Koppel's book, Lights Outcame out. There was a small splash of news, a few interviews and we've gone on our merry way. Well, I've been reading Ted's book and we should "knight him" an emergency manager since he is discovering what we've been dealing with in our profession for a long time. Risk perception guides decision-making, along with the profit motive. Self-interest trumps community and national interests. I don't expect that Ted's book will garner as much attention as theNew Yorker article, The Really Big One, but then what has changed since that piece was published? Nothing! Lots of talk; show me something that has been done.

In my earlier blog post on the book, (the full title is Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath, I had promised to look to see if he addressed electromagnetic pulse. I'm still in the early chapters, and it does brush on the topic, but more from an intentional nation state attack than from a solar storm event coming from nature. The jury is still out, but I think he missed an opportunity to provide more information on that risk, that has the same types of consequences for disrupting the electrical system — but, with more physical destruction.

The portion of the book I read today was about how the industry and the Chamber of Commerce has fought back on requiring regulations and establishing standards for "all sectors of the grid," not just the power generation and major transmission companies.

I've had two quotes on a piece of paper here on my desk for weeks. I've been wanting to comment on them and now is a good time. The first is, "Standards do not equal security." and the second quote is, "Compliance can make you complacent."  I'll throw in my own quote that I've shared earlier, "Being compliant only means doing the absolute minimum required."


I would not get too complacent because you hear that there are regulations, standards and other compliance measures in place. You first need to know who those apply to, and secondly, to what degree these are rigorous to begin with.

Like everything else we deal with, and Ted Koppel calls this out in an early chapter in his book, we are a reactionary society and not prone to preparedness and therefore not very resilient. As I've stated before, the Internet has made us much more brittle than resilient in recent years.