By David Hall, VP Power Systems at Schneider Electric
In the last few decades, technology has advanced at previously unimaginable speeds, with the digitalisation of the grid both a driver and beneficiary of this shift.
This convergence marks the shift towards Electricity 4.0, an integral transition to moving towards a more sustainable world. Ultimately, we want to build smarter, more resilient, and more efficient electrical grids. However, this comes with a set of risks, cybersecurity being chief among them.
The dark side of digitalisation
The need for cybersecurity has grown significantly with the expansion of smart grids. This is primarily a result of increased digitalisation, better connectivity, and third-party stakeholders. While largely beneficial overall, the integration of IT and OT domains exposes smart grids to cyberattacks in a unique way.
Before the emergence of Electricity 4.0, legacy equipment and devices were previously designed without the intention of connecting to broader networks. This legacy equipment is now exposed to contemporary threats, opening a window of opportunity for attackers. Since it is often financially unfeasible for companies to simply replace old equipment with newer models, organisations must utilise equipment that lacks the processing power to facilitate additional cybersecurity measures, while newer models are required to offer continued support for legacy software still relying on outdated security measures.
Ultimately, these changes have increased the surface area for, and potential scale of, attempted cyberattacks, with many large power companies now potentially facing millions of malicious systems threats each day. Experts now argue it is no longer a question of if but when a company will experience an attack.
The energy sector was the most attacked industry in the UK in 2021 (representing 24% of all cybersecurity incidents), with only the banking sector spending more on average per year tackling cybersecurity than utilitycompanies. The UK was one of the top three most-attacked countries in
Europe in 2021 and the potential cost of cyberattacks on London’s electricity grid alone could reach up to £111 million a day. Ensuring that the electrical system can continue to operate in real-time and provide a reliable service with full availability to consumers must be prioritised.
Building your best defence against cyber threats
It is important to stress the severity of a cyberattack on electricity systems. They can damage an organisation’s safety, utility and customers, as well as the broader electricity system, economy and environment. Now, in an era of crisis, rising costs and pressure on the energy industry, how can organisations best deal with these threats?
The most crucial aspect of any cybersecurity effort is the realisation that new threats are constantly emerging and evolving; effective cybersecurity should be considered an ongoing process, not a static tick-box exercise. Utility companies must have a robust cybersecurity strategy that is adaptable over time and backed up with a recurring annual investment.
Organisations must also integrate third-party risk management into the overall risk management program to maximise the effectiveness of any defence; currently, only 15% of organisations worldwide do this. Critical areas for firms to be aware of when designing effective security include extensive employee training, stout physical cybersecurity practices and equipment, utilising ‘secure by design’ principles and employing an automatically assumed position of ‘Zero Trust’.
Measures such as these ensure minimum standards are consistently applied to new and current installations. The aim is to future-proof and facilitate a shift from legacy, perimeter-centric models of information security to Zero Trust microparameters, which grant access to isolated parts of the network, making it more secure and resilient overall. Our solutions are built using the ‘Secure Development Lifecycle’ (SDL) principle and revolve around four essential steps:
Access to the network is subject to safety measures such as authentication, authorisation and physical identification.
The network is protected from malware and viruses and can have some advanced protection tools installed.
Issues in performance, anomalies and intrusions should be detected as soon as possible to allow an adequate response.
Once a cyberattack is found, incident response is activated, and forensic investigations are conducted. If needed, recovery can be made from a backup.
Is there a silver bullet solution to security?
Ultimately, there is no one-size-fits-all approach to cybersecurity, and it is impossible to guarantee the total prevention of cyber breaches completely.
Energy companies face various challenges when dealing with cybersecurity, including long investment cycles, the convergence of the IT/OT environments, the homogenisation of products, the increasing integration of third parties and vendors and a widening skills gap.
Nonetheless, investing time and resources into securing your cyber environment is necessary for any business, particularly those that run critical infrastructure like electrical companies. The first step in achieving this is understanding your cyber environment and what is needed to shift your business from a reactive prevention model to a proactive one. As we move into and through the Electricity 4.0 era, in which official standards are the minimum requirement and not the height of ambition, utilities companies and their customers need the reassurance of a cybersecurity strategy that provides thorough protection against malicious attacks.