Will Bachman 00:00
Hello, and welcome to Unleashed the show that explores how to thrive as an independent professional. I’m your host will Bachman. And I’m excited to be here today with my friend Mike Coleman, who runs the firm’s Stratus key advisors. He’s former CIO at several different companies. Mike, welcome to the show.
Mike Coleman 00:18
Thank you. Well, it’s great to be with you.
Will Bachman 00:20
So Mike, you were most recently CIO at Emory. Tell us what it stands for and about the work that they do.
Mike Coleman 00:29
Sure. Every stands for Electric Power Research Institute. It’s a firm of a little over 1000 people with large number of PhDs, lots and lots of scientists, and they perform primary research for the power industry, both in the United States and globally. And they have several different sectors, they have a large nuclear sector. And then they focus on transmission and distribution, and generation and environment. And they’ve been around since the 1970s.
Will Bachman 01:07
So what would they do for let’s say, the nuclear industry is it. It’s a for profit organization, or
Mike Coleman 01:15
it’s actually a nonprofit organization, it’s funded by the utilities. So it’s a membership type. membership type organizations similar to Gartner, where utilities pay to join the organization, they can also pay for individual extra research, individual projects that can join together to form the research for special projects. And so in the nuclear industry, they focus a lot on safety and data analysis. Some examples of what they do is a lot of practice around non destructive evaluation. So that’s a mouthful term to describe the inspection of high pressure pipes without taking them apart. So they do X ray and sonar. And so they’re, they continually develop methods to be able to inspect power plants for safety. They have lots of training that they do. They do a lot of research, long term research around storage of nuclear fuel, and the efficient operation of the plants and that sort of thing. And then on on the transmission and distribution side, it’s everything from really basic research. Like, gentlemen, that focuses a lot on corrosion, and how to prevent corrosion, which is something like a $6 billion problem globally. But also much more advanced things like the use of drones to inspect power lines, and the possibility of using artificial intelligence image recognition, to receive those images from drones, and then determine if, if an insulator is bad, or if poles are leaning or there’s too much sag in the lines, and that sort of thing. So everything from the basics all the way up to pretty advanced stuff. And then more recently, this idea of digital twins, especially in the nuclear industry, as well, where the the equipment, the controlling equipments on a nuclear power plant will throw off a lot of data about what’s going on plant. And that data can be fed into a digital twin, where it can learn about the operation and then you can simulate actions. So to grossly oversimplify it, if you wanted to turn a knob from nine to 10, you can simulate what that would lead to based on the actual behavior of a particular
Will Bachman 04:07
plant. And so that’s a digital what’s that word?
Mike Coleman 04:11
Will Bachman 04:13
twin twin. Okay, take it away, guys. Yeah, my understanding is that at Embry, you, as a CIO, you were leading efforts to build up their kind of cybersecurity capabilities, as well as helping the industry think about how to manage these massive new volumes of data where it used to be you’d have the utility you know, person come to your house once a month and check the meter. And now their smart meters that are throwing off kind of real time readings of everybody’s utility power consumption. There’s massive changes with with distributed energy resources, people with solar on the roofs producing power now putting it into the grid. So just the amount of data in the utility industry is just going completely exponential. And you were working on efforts on how to utilities can share that data, you know, monetize that data, keep that data safe. Tell us about, you know, your work at, you know, in that space. And also understand that that’s kind of what you’re focusing on, not now with your own consulting practice. So tell us a bit what’s going on with data in the utility industry?
Mike Coleman 05:26
Sure. Well, as you mentioned, the amount of data that’s available now is, is falling looms larger many, many times larger than it’s ever been. And you went from understanding what a home used from that manual meter reading once a month, to now in five minute increments, let’s say. So the ability to see what’s going on, on on a, on a minute by minute basis, and then try to understand what’s driving that type of usage becomes a much more interesting question. And we’re also moving from an era where loads were really predictable. Not that much changed inside a house, from an electricity standpoint, until electric cars came. So if the biggest thing you could do was maybe put in a pool, and have have a lot of electricity consumption around a pool, but now there’s, there’s this pretty rapid adoption of electric vehicles. And if everyone in the in the neighborhood got electric vehicle, most neighborhoods probably couldn’t provide enough power for that. And so one of the things utilities have to do is understand the usage patterns and the growth patterns and try to divine sort of how particular areas are adopting the rate of Western Electric vehicles, and then plan to expand the power capacity into those areas. And it’s very different, as you can imagine, from different parts of the country, even different neighborhoods within larger metropolitan areas. And so this data becomes very important. However, at the same time, it’s very sensitive data, because this is a picture of how you personally are using and consuming electricity. And so it’s pieces that are classified as personally identifiable information. And so has to be a lot of care around anything that can identify a particular household. And then there’s the broader industry question. So if you’re a large utility, and you have a lot of this data, you can, you can learn something from it. There’s the general desire to collaborate with other people, other companies. And see more broadly, the more data you have, the better you get at learning the prediction. But at the same time, the growth of all this data way outside of the utility industry, and pretty much every industry, also leaving this question Will, hey, I have all this data now, maybe this is now a competitive advantage for me. And power industry is changing faster than any time in my lifetime. And so much more competitive, lots of mergers and acquisitions and divestitures and some of them splitting up their transmission and distribution from generation. And all these all these different slices as people try to find the right the right model that maximizes the efficiency. And then as you also mentioned, all of these new distributed energy resources, rooftop solar, consuming rooftop solar, plugging into the grid, the need to understand what that capacity is and control it and see the status of it. It’s becoming a really, really complex, massively complex challenge. So you add all those things together. And then you layer on top of it. A regulatory environment that says this data, because it can contain information that can be sensitive for a number of reasons, whether it’s because it’s critical infrastructure, or because it’s personal information, or because there’s value to it. And so there’s a regulatory environment that comes into play, and then the cybersecurity aspect of it as well. So if you’re out there, and you have lots and lots of meters, they have to be very secure and the data that comes off of them has to be secured. And so Part enough to secure it and do the governance just for your own organization. And then when you try to multiply that and say, Let’s get 20 utilities together, and see if there’s a slice of this data that we can share. And now you’ve got 20 legal departments that are having an opinion about what needs to go into those agreements, you have 20 data governance groups, you have 20 cybersecurity groups. And, and then, every year, at least a couple of times a year, there’s some kind of new regulation that comes out in the utility space, specifically from the government. That adds complexity to it. And it’s usually in response to some kind of evidence in it. And so then there’s one more piece that adds just a bit more complexity, which is enforcement actions every now and then the government will do an audit and levy a fine against an organization. And for some kind of, you know, cyber shortcoming or data governance shortcoming, usually a cyber shortcoming these days. And that causes a reflex to pull back and lock down. So you have all these competing interests, and desire to share the desire to learn, desire to monetize, competing against fear of losing it, very aggressive nation states that are not only trying to steal the data, but to break into your networks as well, and get to all these devices that are feeding information. And then, of course, just a general liability of having a cyber breach and a loss of trust, and all of those kinds of things. So it is a massively complex problem. And we are we are as an industry, very far from solving it universally. We’re trying very hard to solve it individually right now. But just a massive challenge. So at every, we were able to create a very skilled cybersecurity team, very, very widely respected. Who received all of these cybersecurity questionnaires. One of them from one major utility was 1600 questions. Another one was hundreds and hundreds of questions, but not the same questions and controls that the first utility did. So we had to have a whole team of people that synthesize these provided responses, and then responses aren’t good enough, you also have to actually execute on all those controls. And we created a Data Governance team, and education process for our researchers and scientists about why we were doing all this and how to comply. And we had to try to make it as smooth as possible. So that the process of governance didn’t get in the way of the research. So we set up a platform that had standard ways of bringing in data, overlaid by governance processes that had legal agreements behind them, and methods of auditing them. And then teams that of course, watched from the cybersecurity perspective, and were proactive. And then we spent quite a lot of time interacting with various utilities to demonstrate to them the capabilities and controls that we had, so that they could trust the processes that we that we had.
Will Bachman 13:44
Alright, bunch of areas to explore in there. One I’m just about curious about is why is it so sensitive the energy uses for a particular household? I mean, I guess I can imagine, for one reason, you could sort of tell if somebody is away from their house would be good, you know, and a good time is to rob them, if you see, you know, a household all of a sudden, like not using much electricity for a period of time that oh, they’re away from the house. Good time to break in. But I mean, beyond that. He asked me and my relative ranking of concerns that I have been a lot more concerned if someone has my, you know, financial info or healthcare info or something like that, then if they know what my Con Ed bill is, you know, whether it’s 200 or 500 bucks a month or something, but what what are what are some things that, you know, a bad actor could do if they had my you know, my energy usage Bill, can they could you actually tell sort of what specific things this person is running or like, what are the concerns there?
Yeah. Gosh, there are two or three things so, so, first reaction by me and everybody Yeltsin’s who cares, right, it’s just my electricity usage data. But there, it gets more complex than that, for a couple of reasons. One, it, a lot of people viscerally react poorly, to having anything about what they do, packaged up and installed. And were used and observed with an idea that some action could be taken upon that. So that doesn’t, that’s sometimes it’s rational. Sometimes it’s just visceral. This is my information, I have to have electricity, you don’t have a right to sort of examine this and pass it around, you know, that there are fears of being shamed for using too much electricity or something like that. So maybe you have a neighbor down the street, somehow would know that you consumed a lot of electricity or something, I guess, it’s not always rational. But if you take the view that everyone is an electricity customer, you don’t get to curate your customers. The range of people and the range of opinions about what you can do with their data is going to be all over the map. And so sort of by definition, some percentage of people are going to consider that to be their private information. That’s sort of at the most basic case. But then if you go up the chain, and the actual things that you wouldn’t think of the devices you have in your house, can provide, in aggregate, for one thing, indications of patterns or weaknesses, you mentioned, one, of course, you know, are you away from how you want vacation? Are you are you in Florida for the for the winter, whatever, that kind of thing, it could be could be an indication. But these days, there’s some really weird things more than that. You could determine, for example, if there were certainly weaknesses in a certain grid, and bad actors are surprisingly sophisticated these days. And if they just had a bunch of data, they can kind of figure out where to poke and make things go badly. And, and so you just want to be careful with large amounts of data that have lots of indicators for that, for that reason, generally, and, you know, have a rule of thumb just because you can’t figure out right now, what bad things they’re gonna do with it doesn’t mean that they’re not thinking about it. And it’s, you know, one of the things I’ve learned, being in the in the cybersecurity field in this particular industry for a long time is I’m always surprised at what crazy stuff they’re going after out there. The other one, that gets trickier and this isn’t really meter reading data. But this is that whole connectivity, visibility into what people have. And what they’re doing is that if you take for example, rooftop solar, and the connectivity of rooftop solar into the grid, well, there’s a there’s a controller in your house, and that’s tied into the internet and can feed information off to the utility or whoever’s whoever is controlling how much of that gets fed back into the grid. You know, there have been a couple of demonstrations, where these weren’t bad actors. But there been a couple of instances where I think at one point, someone sent a firmware update that made the controller broadcasts out this bizarre frequency, and was causing the electronic devices in the house to act all wonky. And it took a little while to figure that out. But But then, if that kind of thing became known, which could very easily then you start identifying vulnerabilities that if you could, that if you could enact, you could, you could trigger those in mass, you could just cause a lot of a lot of issues. Those are sort of the surprising things that come out where you go down this, this connectivity into the house, rabbit hole, and a lot of that already there, but not a lot of it controls power into the house. And so now we’re also moving from
Mike Coleman 19:47
meter data. There are several platforms out there now where each one of your breakers can actually measure the electricity going through it reported maca so that you can have a better idea have, what your stove is using a washer dryer and your water heater, different parts of your house and that sort of thing as well. So you can see how getting down into that if it’s throwing off data, it’s probably controllable. And, and so that starts to raise nuts privacy questions, but what would you what would you do if you were a bad actor with all that information?
Will Bachman 20:22
Okay. Now in terms of monetizing the data, I understand that there are some companies out there that are effectively becoming, you know, creating a virtual energy source by being able to either go to commercial establishments or residential. And if there’s a peak power usage, and utility needs to get more power, instead of buying more power from a generator, they can go to one of these companies that has agreements with commercial and manufacturing, and so forth, who will get those companies to temporarily shut down some, you know, turn off some lights or turn off some refrigeration or so forth. Which, you know, instead of creating power basically just reduces the demand, and they can pay people for that, and it might be cheaper than just producing more power at peak. So I guess that’s one use of this sort of data, what are some of the other ways that companies are monetizing this? You know, energy usage data and data on the, on the grid?
Mike Coleman 21:30
I think a lot of it has to do with how how they can use that data in the learnings to become more efficient operators themselves. And so if you’re, if you’re competing, necessarily, if you’re thinking of merging with another organization, or or are you just trying to maximize your efficiency, running your own transmission and distribution organization, and that kind of thing. If you can, if you can become a lot better at it, then, and you do and you do so because of all this data, you’re able to gather and your credit through your machine learning and artificial intelligence algorithms that can finely tune all kinds of things, then, then you become more profitable. And that might be a secret sauce. And you may not necessarily want everyone else in adjacent industries to adjacent markets to know exactly how it was you’re doing that. These are very competitive, very competitive markets. And so I think they’re seeing it more as internal efficiency, data monetization. I think I think right now, they’re very, this is my impression, very, very careful and cautious, and reticent to sell data to anyone else. You know, that the blowback from that would be pretty significant. It’s not like the data that we get mind when they use Facebook and all this other kind of stuff that’s already sold. And it’s sort of understood that that’s the that’s how it all that all happens when you use your credit card. And that sort of thing. That flow of data is very heavily monetized. utility industry, I would say hasn’t, at least as far as I’m aware, been anywhere close to the forefront of, of gathering and monetizing that it’s really, from what I’ve seen, internally focused on, on being as efficient as they can. Not only for operations, but equipment maintenance, for example, you know, that the predictive, predictive maintenance on equipment failing, so you get a lot of data thrown off, you understand when something was happening before it failed, then you can take action before it fails next time. And so it increases reliability. And if it if it decreases outages, it can also decrease the number of times they have to go pay either for for power to come in or do what you just described, which is to go pay for somebody else to do. When I was at a previous company, they would come to us we had a huge generator on site. And they would actually ask us to turn our generator on and go off the grid for a bit. And they’d pay us to do that. So it’s like you described. But if you’re better at predicting, and better at your maintenance, because of the data that you’re able to gather. You can perform better financially, but from what I’ve seen so far, very reticent to be in the data sales business.
Will Bachman 24:41
Okay. What are some of the key areas that you are focused on serving CIOs in the utility and energy industry? What sorts of problems are you working on?
Mike Coleman 24:54
So, you know, there are a couple of approaches going on right now. I’ve been paying close attention to and helping out some with. One is just this massive question of how to how to comply. And the utilities themselves have huge projects going on the the sort of joining together of data governance and cybersecurity controls, but but also, after the initial sort of lockdown of data, from the regulations that came out about data sharing and governance and protection, there’s still the desire to send data somewhere else, and have it analyzed, even if it’s just for you. Sometimes it’s collaboration, like what February’s doing. Sometimes it’s just for your own use, and you don’t have the capabilities internally. And increasingly, with some of the artificial intelligence platforms, you have to send the data to wherever that is. What I’m focusing on helping utilities do is navigate practical solutions to how to make that happen, based on the work that I’ve done previously, whether it’s from developing compliance mechanisms, to just the practical outworking of how do we how do we bring together the right people to set up a infrastructure that can do this, some utilities are moving into the cloud, others are still pretty locked down and on prem only. And each one of those have their own governance and cybersecurity challenges. But so I’m focusing on helping them navigate all of those different hurdles that are continuing to change, and be able to get to the optimization of whatever it is they’re trying to get to as quickly as possible without having to learn everything from scratch.
Will Bachman 27:10
You mentioned before this crazy story of a utility that had a questionnaire with 1600 questions about our you’re gonna, you know, maintain it security, cybersecurity, what are some ways that you see forward for the industry to be able to collaborate better in terms of, you know, either sharing data between companies, or at least, you know, having some economies of scale so that, you know, AI could work across multiple data sets, and, you know, provide value to those, you know, members without, you know, without needing to go through this crazy, you know, 1000 plus questions.
Mike Coleman 27:52
Right? Well, you know, it is when you when you first see these things, there’s just this despair that sinks like, man, how are we going to get through this stuff. And then when you realize that’s just one. And, you know, there, there have been some efforts and I, I promoted heavily some of the efforts to at least get to one set of questionnaires for the districts. And there’s, it’s really interesting there, there’s a desire to do that. But it’s quite a ways off. Everyone is in compliance mode now. And they’ve chosen their questionnaires, and they’ve already had people filling out. And so switching questionnaires right now is very burdensome. And so, but I think ultimately, some sort of standard evaluation procedures gonna have to emerge because it’ll just, it’ll just melt down, you just won’t be able to share data to collaboratively do research. There is a company that out of out of the Boston area, to doing some really interesting approaches to this, which is just flipping it all on its head. They’ve developed a company called via science, they developed a, a method to create the AI models, specifically for the utility industry. And they get around all of this data sharing stuff by pushing the model to the data. And then very securely, they because they did it specifically for that industry. They started with all the security and governance processes first. And, and so that’s an interesting way around it, we may see more of that which is okay, you run your own stuff, and then you share the subsets of the learnings if you if you feel like it. Or if a central organization says we have we have a study like to do that you actually push the AI models gives me the models into utilities where the data sets. And that actually has a potential to solve a lot of problems. Everyone that I’ve talked to sees this, when it comes to collaboration, this huge, very. So I think for the foreseeable future, you’re going to see data, just park where it is, because utilities have to be comfortable, that it’s controlled and governed. The process of pushing it out to someone else is very burdensome, it’ll happen, it’ll happen to one organization to do a specific task, and then pull results back in. But it’ll be much faster if you don’t have to do all that if you can qualify a particular process that says, okay, everything stays where it is, we know what the queries are, we know what the models are, push those into the data, do its thing, you know, improve the modeling with the model back and maybe share that. So maybe you’re just sharing the model you have, you’re not really moving the data around. So that’s a, that’s a potential model, at least where we’re at seems to solve a lot of problems, you know, there are two or three issues with the one on prem data with your own private circuits, you can move data around, it doesn’t really cost you a lot of money. But as you come into the cloud, you may be aware, it’s free to put data into the cloud, it costs money, take it back out. So if you’re, if you’re dumping these massive amounts of data in meter reading data, and all other kinds of things, just digital twin data, and you’re you’re cranking away at it inside your cloud instance. And somebody says, Hey, can you send me a copy of that I’ve got a really cool AI Mamajuana are the two that can actually end up being really expensive, just to say, Sure, I’m going to push this data out. Because the models right now are, it costs money for data to exit your instance of the cloud? So I think more and more it’s going to be leave the data where it is. Secure it governance, you know, bring bring the experts to the data rather than can move it around. And I think it’s going to negatively impact collaboration for a while. But ultimately, I think the commoditization of the governance and the cyber controls will happen. We’re probably five to 10 years away from that. Five years, we’ll be very optimistic. It’ll ultimately have to happen, but the forces working against their right power very strong.
Will Bachman 32:47
Mike, this has been a great discussion. If anyone wants to follow up with you or learn about your firm, where would you point them online?
Mike Coleman 32:56
Yes, first of all, thanks for having me on. It’s great to catch up with you. You can visit the website at Stratus key.com. That’s Stratasys and cloud Stratus key.com, or email me, Mike Stratus key.com. And I really appreciate the time today. It’s really good to talk to you.
Will Bachman 33:16
Fantastic, Mike. Thanks a lot. We will include those links in the show notes and thanks for listening