EXECUTIVE SUMMARY:
In recent years, the energy sector has come to embrace cloud-based management and distribution systems. According to a new report published by Deloitte, cybersecurity threats put these critical resources at risk.
The Deloitte study finds that cyberattacks on utilities have been steadily increasing. In 2016, alone, there were 59 cyberattacks on the American energy sector.
Referencing the Deloitte study, Utility Dive writes, “The system is gaining complexity and the number of access points is rising.”
Nearly half of power and utility CEOs feel that cybersecurity attacks are a matter of “when,” rather than “if,” and a significant percentage feel insufficiently prepared to address such issues.
Some of the biggest threats come from nation states, organized crime, and disgruntled employees. And when it comes to nation states, the concern is pervasive. According to the Pew Research Center, a new report indicates a jump in the number of countries that see cyberattacks from other countries as a top threat. From 54 percent in 2017, 61 percent now rank cyberthreats as a serious concern—alongside climate change and ISIS.
Nonetheless, Deloitte asserts that if technology introduced the problem, technology also retains the potential to solve it.
“Technological innovation and analytics should drive every electric power company’s cybersecurity strategy,” says Paul Zonneveld, Deloitte’s global energy and resources risk advisory leader.
In support of safeguarding technological infrastructure, the Department of Energy recently awarded $28 Million to 11 different cyber security initiatives, including a project to redesign U.S. energy architecture for the sole purpose of enhancing cyber security.
In the meantime, Deloitte recommends three key measures to safeguard against cyber risks. From Utility Dive:
- Mapping infrastructure assets and evaluating vulnerabilities and the maturity of the control environment. Companies should “build a framework for protecting critical assets” that relies on people, processes and technology, the report suggests.
- Evaluate suppliers’ security processes: Utilities must engage with the supply chain procurement function and understand suppliers’ cybersecurity processes.
- Deloitte said utilities must engage with industry peers and government agencies, exchanging threat intelligence with peers and testing new technologies.
Get the full story at Utility Dive.