In a world defined by closer integration and connectivity, the points of vulnerability that were often overlooked are evolving into potential threat vectors. The influx of smart technologies such as the Internet of Things, cloud and mobility coupled with multiple networks and diversified assets increases the overall threat surface area. The use of a common information technology (IT) platform networking hardware to communicate with substation intelligent electronic devices (IEDs) also makes cybersecurity a growing concern. Apart from addressing the challenges stemming from heterogeneity in asset characterizations, proliferation of intelligent devices and regulatory demands, the need to counter targeted, advanced and persistent threats is fueling cybersecurity adoption in the US power industry.
New analysis from Frost & Sullivan, Cybersecurity in the US Power Industry, finds that the scale of security implementation will depend on the industry's capability to suitably integrate the IT and operational technology worlds. Security intelligence and event management (SIEM) and real-time threat processing will be the most prevalent on-demand security intelligence platforms.
Networks, such as those present in utilities and critical infrastructure facilities, send and receive large volumes of sensitive data in real-time outside industrial networks. Meanwhile, the deployment of smart grids brings up the issue of data privacy.
"Employing a layered or in-depth defense strategy will help reduce vulnerabilities," said Frost & Sullivan Industrial Automation and Process Control Senior Research Analyst Sonia Francisco. "Monitoring and controlling endpoints and networks through multifactor authentication, and restricted process area access can go a long way in overriding the risks of distributed assets."
While regulatory compliance is the main driver for uptake of cybersecurity, utilities remain unsure of the reliability and returns associated with investing in these solutions. End users remain skeptical since there is never a guarantee of full protection even with the use of firewalls, intrusion detection and prevention systems, as all software-based solutions are penetrable.
The lack of awareness on the implications of keeping unprotected assets and the increasing complexity of regulations also deter utilities from deploying cybersecurity systems. Moreover, products are often provided by niche suppliers that do not commonly work with enterprise IT platforms, and therefore do not meet end-user needs.
"Air gapping coupled with the use of proprietary communication protocols was, for a long time, the primary strategy employed by various power utilities," indicated Francisco." In a world that's becoming defined by closer integration and connectivity, successful implementation of industrial security solutions in the future will depend on the seamless merging of information technology and operational technology."