July 21, 2017 By Scott Koegler 2 min read

It’s a surprise to no one that computer systems need enhanced protection to reduce their susceptibility to cyberattacks, as recent events such as the WannaCry and NotPetya attacks have shown us. These infestations proved that government operations and critical infrastructures are as much at risk as corporate systems.

Of particular concern are energy distribution systems, which support nearly every activity in modern society. With this in mind, security professionals at energy companies are exploring ways to protect their operations and our way of life.

Expert Advice on Enhanced Protection for the Energy Sector

Below is a short interview with Gordon MacKay, chief technology officer (CTO) at Digital Defense, Inc. He works with chief information security officers (CISOs) across a variety of industries to help them devise protection strategies.

QuestionIs there some tool, set of capabilities or procedure that power companies should abide by that can minimize or eliminate the possibility of large-scale disruption of the power systems?

MacKay: As part of my own experience in interacting with information security professionals within the energy sector, the overwhelming consensus is there is no silver bullet solution to these threats — reducing the risk of such events includes a multipronged approach. A general, common strategy includes an encompassing cybersecurity defense program, which is driven from the top executive level that permeates the entire organization and includes a significant cyberdefense budget.

What advice do you offer energy providers’ CISOs regarding where to start or prioritize their efforts to protect their assets from cyberattacks?

MacKay: The list of prioritized items is lengthy and depends on the threat model, but a general proposed prioritized list includes:

  • Security awareness training — it’s a must;
  • An ongoing, enterprisewide vulnerability management program (not just parts of the network, but all assets, even cloud assets);
  • An incident response (IR) program that includes internal, tangible threat attack data from deception technology, intrusion detection systems (IDS) and intrusion protection systems (IPS) correlated versus threat intelligence and asset vulnerability data, a threat hunting program, and a multitiered security analyst team as part of the IR program response; and
  • A set of sound security measurements so as to gauge the effectiveness of the program, which is fed back into it for the purpose of continuous improvement.

hat is the best way to assure that your employees understand what is at stake and how to best safeguard their company?

MacKay: One of the topmost initiatives an organization must take on is to educate the entire employee base on security risks on an ongoing basis. More so, this education program ideally should be disseminated from the top executive level downward and ensure employees are fully engaged, positively enlightened and motivated to help protect the organization. There are security awareness programs on the market that help with this, but of course, it all starts with the intention and motivation of the organization.

So while cyberattacks against critical infrastructure areinevitable, the best defenses start with training, but don’t end there. Power providers need to increase their awareness of their assets and be able to monitor and quickly respond to threats.

MacKa: By including intelligence on what is vulnerable in the network, alongside other threat intelligence and security incidents, the organization is able to automatically lower priority on certain threat events for which assets are not vulnerable in favor of threat events related to assets that do have significant vulnerabilities.

Listen to the podcast: Nuclear Facilities Under Attack And Cross-Industry Lessons In Cybersecurity

More from Energy & Utility

Water facilities warned to improve cybersecurity

3 min read - United States water facilities, which include 150,000 public water systems, have become an increasingly high-risk target for cyber criminals in recent years. This rising threat has demanded more attention and policies focused on improving cybersecurity.Water and wastewater systems are one of the 16 critical infrastructures in the U.S. The definition for inclusion in this category is that the industry must be so crucial to the United States that “the incapacity or destruction of such systems and assets would have a…

The UK energy sector faces an expanding OT threat landscape

3 min read - Critical infrastructure is under attack in almost every country, but especially in the United Kingdom. The UK was the most attacked country in Europe, which is already the region most impacted by cyber incidents. The energy industry is taking the brunt of those cyberattacks, according to IBM’s X-Force Threat Intelligence Index 2024.The energy sector is a favorite target for threat actors. The complexity of systems and the reliance on legacy OT systems make them easy prey. Because of the critical…

Third-party breaches hit 90% of top global energy companies

3 min read - A new report from SecurityScorecard reveals a startling trend among the world’s top energy companies, with 90% suffering from data breaches through third parties over the last year. This statistic is particularly concerning given the crucial function these companies serve in everyday life.Their increased dependence on digital systems facilitates the increase in attacks on infrastructure networks. This sheds light on the need for these energy companies to adopt a proactive approach to securing their networks and customer information.2023 industry recap:…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today