The cybersecurity threats the utility industry faces are unlike any other threats we have seen. Our dependence on operational technology to provide support for energy generation, distribution, and transmission in our daily operations is at a peak, which has created gaps for cybersecurity threats to feast on.
Recently, we have witnessed an upsurge in the frequency of cyber-attacks on the energy industry. These occurrences range from small attacks targeting local energy companies to large attacks on grids at national scales. Over the past several years, the frequency of Industrial Control System-focused attacks at the hands of nation states and cybercriminals has increased. The Triton/Trisis attack and the attacks against the Ukrainian power grid are stark examples of this trend.
Adding protection features such as patching and network segmentation can stop these cybercriminals from disrupting the energy process. However, this is just a stop-gap measure. Cybersecurity protocols need to be updated, refreshed, and evaluated to beat the hackers.
Booz Allen recommends developing a strategy and high-level roadmap to establish an Operational Technology (OT) Security Operations Center (SOC) capability. The only long-lasting solution to protecting the cyberspace for energy activities is the collaboration of all operational technology and security operations center capabilities.
How do we bridge the gap between people, processes, and technology in the utility industry?
Advances in the complexity and interconnectedness of day-to-day energy support operations have caused a gap between people, processes, and technology. To bridge this gap, there is a need for greater collaboration and information sharing between these components.
Observations within the industry show existing collaborations in the system. The next step is to build and expand on these systems to be all-encompassing. While further collaboration is possible, the limitation of collaboration in the oil & gas and utility industries is that information sharing only occurs when mandated.
There is an increasing call from experts for stronger collaborations between industry parts. People, processes, and technology across all environments have to engage in continuous collaboration for a better performing system. For example, the Cyber Defense, Business Areas, and CIOPS teams all have to share operational technology and information technology at a greater scale, and not only when instructed.
How has COVID-19 impacted the utility market from a cyber perspective?
The COVID-19 pandemic has affected all industries at a global level. We’ve watched industries such as aviation crippled, while others, such as the utility market, have experienced smaller impacts upfront, with longer-term implications to follow.
While the utility market has fared relatively well in coping with the pandemic, the very unpredictable nature of the pandemic and its long-term effects are raising fresh questions. One of the most noticeable impacts on the utility market is the global reduction in demand for utilities. The lockdowns initiated by many countries across the globe to try to slow the spread of the pandemic have contributed to falling demand for utilities.
A growing remote workforce has created new cyber risks that cybercriminals are now exploiting. Weak points in infrastructure and remote-working security connections, coupled with prolonged lockdowns and new business guidelines, are unique challenges facing the industry.
Operational challenges in the utility market are a worry among all stakeholders in the industry. What we face is an unprecedented situation for the market as a whole. How does the utility market grapple with these challenges while keeping the environment safe? Our Booz Allen utility leaders have learned that distributing energy sources will undoubtedly require a new operational model.