Security risk management considerations


Smart Energy International had the opportunity to speak with Eric Trapp, vice president, security and technology and chief security officer for Sempra Energy about cybersecurity and risk management.

You can read the interview below:

Trapp is a speaker on the “Risk management considerations” panel taking place at the CyberCon Power & Utilities Cybersecurity Conference from November 19-21, 2019 in Anaheim, CA.

Can you give a brief description of your role and current projects?

As vice president of security and technology, and chief security officer, I have oversight of Sempra Energy’s physical security, cybersecurity across our operating companies, and information technology for our company’s LNG business.

Some of my current projects include identity and access management, which aims to increase employee productivity by streamlining access to key technologies.

Additionally, I represent Sempra Energy on the FBI Domestic Security Alliance Council and collaborate with our industry partners to strengthen our industry against risk.

From a risk management perspective, do you think corporate leaders are doing enough to clearly define their corporate security strategy and integrate it into their overall business strategy?

I’m incredibly proud and grateful for how engaged the Sempra Energy’s leadership and board of directors are in matters of technology and security. We’ve established a rapport that isn’t around catastrophising. We focus on solutions.

Sempra Energy has key goals for our technology and security departments. Of course, managing risk is key but this is also about how we leverage innovation to make our business better.

We’re exploring how automation and artificial intelligence can improve our security systems. But we’re also focused on how to use technology to improve our employee and customer experiences. In order to achieve our mission to be North America’s premier energy infrastructure company we must focus on deploying technological solutions that improve the experiences of our employees, customers and contractors.

What in your opinion is a must-do to protect against threats?

Collaboration is key. Collaboration with regulators, with our industry peers and within our own company. By learning from each other, we’ll be able to continue to advance our systems. We regularly engage with our industry partners at every level. Whether its mutual assistance agreements with other utilities or sharing best practices, energy companies throughout the country are working together to protect our customers. Sharing our experience strengthens the entire system.

Both utilities and regulators are talking about mandatory standards and compliance. Do you think enough is being done in this area?

It is important that industry and regulators continue working together on threat intelligence and protection systems to lower risk. Compliance alone isn’t enough.

Our philosophy at Sempra Energy is security-led compliance, not compliance-led security. This means we’re going to do what’s right for our company and our customers, and that often involves going above and beyond compliance.

About Eric G. Trapp

Eric G. Trapp is vice president of security and technology, and chief security officer, for Sempra Energy.  Trapp is responsible for the oversight of Sempra Energy’s physical security and cybersecurity, as well as information technology for Sempra’s infrastructure business.  

Trapp joined Sempra Energy in 2017 as director and chief information security officer. 

Prior to Sempra Energy, Trapp was an executive director at Ernst & Young, with a focus on cybersecurity in the power and utilities sector. Before joining Ernst & Young, he was a managing director and partner at Accenture, overseeing the technology consulting team for the North America resources operating group (utilities, chemicals and natural resources). 

Previously, Trapp was a director of information technology at Southern California Edison. 

He also serves as Sempra Energy’s representative on the FBI Domestic Security Alliance Council and is on the board of directors for Identity Theft Resource Center.

Trapp is a veteran, having served as a SEAL in the U.S. Navy and U.S. Navy Reserve. He holds a bachelor’s degree in criminal justice from National University. 

If you’re interested in learning more about these types of cybersecurity practices, then don’t miss Eric Trapp’s presentation at the CyberCon Power & Utilities Cybersecurity Conference in November. You can learn more about the agenda and register for the conference here.  Special offer for Smart Energy Int’l readers: You can get $200 off the conference registration fees by using the code ‘SMART19’ at check out!