Why cybersecurity is lagging in utilities – and what to do about it
The energy space is a highly attractive target for cyberattacks, with potentially major repercussions. It is also an industry that is notoriously slow to adopt new advanced cybersecurity measures. That slowness is evidenced by global utilities lagging behind in aligning themselves with cybersecurity standards.
Recently, US utility Duke Energy was fined $10 million by NERC for egregious security lapses dating back to 2015. And Duke was presumed to be ahead of its peers, so where do other utility firms stand?
Clearly, there is a need to invest in increasing utility cybersecurity awareness, in optimising the operations of emerging grid security technology start-ups, and in research and development of new security features and capabilities.
Smart Energy International spoke with Carolyn Crandall, chief deception officer at Attivo Networks, a cybersecurity firm, to understand what can be done to ensure increased adoption of security technologies and measures.
Asked about the impacts of cyber attacks, Crandall said energy sector leaders are acutely aware that they are a highly attractive target for cyber attacks and must be prepared for the most sophisticated cyber criminals. Although the attack is done online, cyber attacks pose the same kind of infrastructure risk and repercussions as natural disasters or physical attacks. Cyber attack-driven outages can also have a significant impact on economic and government stability if taken to extremes.
With the emergence of smart grids, smart devices, and the massive growth of IoT-connected devices, rapid digitisation of the energy industry has increased the potential attack surfaces and the need for enhanced visibility and detection of in-network cybersecurity threats. Given the sophistication and gravity of these attacks, the sector has enhanced its security programs to include investment in not only prevention but also in lateral movement detection so that attackers cannot successfully establish a foothold or advance their attacks.
Beyond costly outages, attacks could potentially result in infrastructure shutdown, triggering economic and financial disruptions or even loss of life and massive environmental damage.