The US Congress, DHS and the man on the street say the grid is not secure enough. Well how do they know? How does anyone know how secure they are today? And how would one define how secure is secure enough? Unless we can begin to measure, we'll never be able to baseline, and never be able to road map to a demonstrable, more secure future state. So let's get started.