At the Frontline: A Q&A with Georgia Power's Anne Gibbons

Senior Security Analyst Anne Gibbons discusses the process of securing a prominent regional utility provider adn preparing for emergencies


[Editor's note: 'At the Frontline' is part of a joint interview that Security Technology & Design and SecurityInfoWatch.com do each month with a top-level security director. For the rest of this interview, see page 68 (the back page) of the April 2005 issue of Security Technology & Design magazine.]

Name: Anne M. Gibbons, CPP, RPA
Title: Building and Asset Security Analyst, Sr.
Company: Georgia Power Company
Years in Industry: 20
Most Recent Security Technology Purchase: Security management system based on high-end access control product

How does Georgia Power validate the identity of employees? Are you using multi-factor authentication (for example, a biometric authentication and an access card) at many of your facilities, or is this reserved only for high-security operations? Part of the security detail is to keep untrained, unauthorized persons away from the nuclear, coal and hydro plants. What new perimeter security technologies and intrusion detection systems have you researched or found that have gained your interest? Your reservoirs not only have industrial/utility purpose, but also create lots of recreational opportunities. How do you balance the need to secure power-generating facilities with the need for access by local recreation enthusiasts? Does this dual need make perimeter security a greater challenge? Facial recognition systems have been widely criticized in public applications as invasions of privacy, but they are widely marketed to nuclear and power plants, specifically for access control. Have these systems matured to the point that they are suitable for the high-security applications they target? Do you incorporate disaster or attack simulations into emergency preparedness training? If so, how are local officials involved in these efforts? What part do such exercises play in the evolution of contingency planning?
Potential cyber terrorism against critical infrastructure facilities has been increasingly highlighted in recent years, particularly after an Ohio nuclear plant's network was temporarily affected by the Slammer worm in 2003. Do you believe cyber terrorism is a significant threat to U.S. utilities? How do you work with other departments to increase security against and awareness of this threat? Damage to transmission lines and distribution lines poses great economic and public safety concerns, and yet there is such a great web of them across the state that securing them must pose a particular challenge. Do you have security technology in place to protect the lines, or do you rely on human factors for this level of protection?