Thanks to the increase in smart grid functionalities, cyber attacks on the utility are escalating as hackers become more sophisticated. According to figures from the Department of Homeland Security's Industrial Control Systems Computer Emergency Response Team (ICS-CERT), 41% of hacking incidents reported and investigated by the agency in 2012, were related to the energy industry.
If utilities fail to address the vulnerabilities and security concerns, the consequences will be dire. A smart grid attack has far-ranging effects and will impact a large number of victims.
It is for this reason that asset managers need to draw on the integration of all data sources from all departments in order to avoid a major cyber attack.
Asset managers will need the following strategies in place to carry out an effective campaign:
Support from the top
The asset management team will need a CEO who understands the threat from the Internet. Leadership by a cyber-savvy CEO will help asset managers to seize the internet’s opportunities and to realise them securely. The CEO needs to communicate potential threats to all departments and support the asset management team if security systems need to be installed or upgraded.
Reassess the security function’s fitness and readiness for the cyber world
Organizations already have information security functions that may be doing a good job in protecting against traditional threats. But, as new threats develop, more focus must be placed on upgrading or transforming the existing capabilities.
The whole picture
To align its security function and priorities as closely as possible with the realities of the cyber world, asset managers need a clear understanding of the current and emerging cyber environment. Situational awareness – a term drawn from military strategy – means knowing the landscape surrounding your own position, including actual and potential threats.
A cyber-incident response team
Traditional organization structures may not support quick and decisive responses which are needed in the cyber environment. Asset managers need effective cyber-incident response teams that can track, risk-assess and escalate incidents.
Nurture and share skills
It is in the interest of the asset management team to invest in cyber skills since these are already in short supply. If skill sets are there already, these should be shared within the team. An integration of skills between departments should also be encouraged. For instance, the IT department can share their skills with the OT department and the asset management team.
Take a more active and transparent stance towards threats
The high-profile and defensive nature of cyber attacks tends to engender a defensive mindset. But a number of cyber-savvy organisations are now getting onto the front foot by adopting a more active stance towards attackers, pursuing them more actively through legal means, and communicating more publicly about their cyber threats, incidents and responses. The asset management team needs to communicate these threats with other departments so that they obtain a better understanding of the threats. All departments need to understand that everyone is responsible for securing their department’s systems.
Asset managers have access to integrated data from the utility’s systems. This broad access will help the asset management team uncover potential cyber threats across the board. Our article Data Analytics Tools to Prevent Cyber-Attacks discusses how data analytics tools has the ability to strengthen IT and critical infrastructure security.
With the help of other departments and top level management, asset management will play a major role in cybersecurity.