The Smart Grid is being built out of hundreds of thousands of software applications totaling billions of lines of code. Current cyber security best practices for IT systems including network IDS and IPS, anti virus and platform patch management systems, are necessary but far from sufficient for keeping attackers at bay. Most custom developed apps are full of high severity vulnerabilities and hackers have repeatedly shown they know how to get through perimeter defenses to reach apps and exploit their weaknesses. This presentation discusses the challenges posed by the extensive use of software systems to achieve the smarter functionality we all seek, and offers high-level solution paths to get begin to get this problem under control.