The long-term vision for modernization of power management and control systems, smart grid, is rather complex. It comprises several scientific traditions: supervisory control and data acquisition systems, automation systems, information and communication technology, safety, and security. Integrating information and communication technology systems and power management and control systems causes a need for a major change regarding system design and operation, in which security controls are required and implemented, and how incidents are responded to and learned from. This paper presents concerns that need to be addressed in order for the implementation of smart grids to succeed from an information security point of view: a unified terminology, a fusion of cultures, improved methods for assessing risks in complex and interdependent systems, preserving end users' privacy, securing communications and devices, and being well prepared for managing unwanted incidents in a complex operating environment. Copyright © 2013 John Wiley & Sons, Ltd.