Why public utilities are investing in cybersecurity solutions
Upgrading electrical grids and water infrastructure around the world with new capabilities -- such as network communications, remote and automated management of elements in the field, and new utility management functionalities -- continues to gain momentum.
However, smart infrastructure demand means increased dependence on new technology and communications connectivity, which greatly introduces IT security risks.
Smart utility market development
The new infrastructure can expand the number of threat vectors, rendering smart utilities vulnerable to cyber attacks. Maintaining resilient electrical power generation and transmission -- as well as water distribution and treatment -- are key to protecting the public utility environment.
Therefore, effective cybersecurity must be a function of hardware, software, data, and networks.
The modernisation of utility infrastructures is enabling increased efficiencies and reliability through digitisation, connectivity, and IT-based approaches. Smart cyber assets are transforming public utilities, allowing them to deploy and leverage a new generation of functionality and customer services.
However, smart utilities are also highly vulnerable to cyber threats, and IT security is a primary concern, according to the latest worldwide market study by ABI Research.
Digital security is often unimplemented during utility modernisation due to cost, resource, and time constraints. This is exasperated by issues with adapting cybersecurity to OT environments and an overall lack of knowledge and expertise in bridging these divides.
Furthermore, public sector efforts have declined since 2012-2013, when both the United States and European Union markets were actively driving national cybersecurity strategies.
The current U.S. government dropped cybersecurity from its list of priorities, and the European Commission is struggling to get its NIS Directive deployed and obtain the funding for ENISA to fulfill its mandate.
"It seems that the United States and the European Union have forgotten that cybersecurity needs to be a continuous effort, not a one-time announcement to tick all the boxes,” said Michela Menting, research director at ABI Research.
Both electric power and water utilities have reported advanced persistent threats which exploit flaws in industrial control systems. More critically, the typical cyber threats -- such as ransomware and DDoS attacks -- are increasingly affecting utility infrastructure cyber-assets, both on the back and front-end.
While power and water infrastructure stakeholders will spend over $8 billion globally on cyber-securing utility infrastructures in 2018, only a small portion of that will be dedicated to operational technologies and smart systems.
Outlook for smart utilities investment
Grid modernisation efforts are an ideal time to start designing and integrating digital security and provide an opportunity for adapting existing mechanisms and processes -- from industrial control systems to smart meters.
"Utility organisations should remain firm in their commitment to cybersecurity, despite the backseat public support. Fortunately, from a private sector perspective, a growing vendor ecosystem is emerging to hopefully address these key issues," Menting concludes.
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.
- » New Zealand has blocked a telco from using Huawei’s gear
- » Nokia report warns 5G will make IoT botnets worse
- » China will dominate the US in gigabit broadband race
- » US petitions allies to drop Chinese 5G vendors ahead of tense G20 summit
- » Huawei will change its practices to appease UK security officials