With highly distributed environments and operations, the critical infrastructure sector is a major target for cyberattacks. We invited two key experts to our studios at European Utility Week to discuss the issues surrounding cybersecurity in today’s energy sector.
Understand security needs
Marius Munstermann, Key Account Manager, Rohde & Schwarz SIT GmbH, explains that with the convergence of the process and office networks, there is a greater need for security of the data travelling between these systems. There is a need now for the entire system to be made secure, he says.
He explains the importance of governmental support when it comes to setting regulations around cybersecurity. He points to the German government which has just passed a security law requiring that within two to three years, companies must have a security managed system. He adds that industry bodies have a vital role to play in providing the sector with practical guidelines to push security measures forward.
Mr Munstermann discusses how his company’s solutions provide great value for the energy sector as far as cybersecurity is concerned. Rohde & Schwarz has developed a targeted approach. This includes a next generation firewall for the energy industry which is developed and engineered in Germany.
He suggests that in order for utilities to develop a strategy and employ the right security management solution, it is important to understand the overall situation right from the start. He says: “Pull parts of the puzzle together to understand what is required and put someone in charge of cybersecurity. Ensure that you get support from C-level and obtain the appropriate budget.”
Don’t ignore cybersecurity
Peter Johnson, vice president, utility markets, Alcatel-Lucent, warns that utilities should not ignore the growing threats of cybersecurity. He adds that technology is moving on and cybersecurity threats are evolving.
“Utilities should take a layered approach- you need management buy-in and you need people and processes that will support the system’s security. Then, look at the solutions and appropriate processes that need to be put in place. This is how you will reach a strong defence against threats.”
He also discusses how network group encryption protects Ethernet- and IP-based smart grid applications. He explains that this is a good way of protecting the content of the network and there are various ways that one can encrypt the information. IP/MPLS advantages give utilities certainty about the level of protection. The system acts as a channel for the data allowing only the most critical data to pass through.
Says Mr Johnson: “Old technologies won’t be around forever. Accept that there will be a movement towards packet networks. Utilities and vendors should learn from each other’s experiences. Also, cybersecurity measures should be applied from the outset.”
Disclaimer: Alcatel-Lucent joins Nokia following successful exchange of shares. Find out more