Security measures for energy production plants were formerly focused on the physical security of the plant, including considerations for the perimeter and reliable procedures. Years ago, cybersecurity was not considered so vital because energy production plants were based on SCADA systems that were closed off and ran on proprietary protocols. But are these systems still safe today?

The Stuxnet worm demonstrated in 2010 that even if a system is protected and cannot be accessed by external attackers, it can be hacked. This type of attachment at the programmable logic controller of the SCADA cannot likely be replicated for this peculiar case, though everyone remembers this event as a milestone. After 2010, the entire world was made aware that SCADA systems can be attacked and, thus, must be protected.

On the other hand, is it really true that SCADA systems are so closed that they cannot be accessed by external forces? The reality is that SCADA systems originally used proprietary interfaces that were not always very user-friendly. In order to improve the user experience, SCADA systems are now often interfaced with a standard user’s interface. Also, in order to reduce the costs of management, standard marketplace protocols are used. Therefore, SCADA systems may be closed, but they are based on elements that can be affected by cybercrime.

Grid introduction in the production of energy and the usage of digital metering systems for an intelligent utilization of the energy implies that the production plant cannot be included within a perimeter.

Industrial processes are now strongly based on IT. To create a problem for an enterprise focused on producing energy, it is not necessary to compromise the SCADA systems, but it could be enough to attack the customer relationship management system. In fact, how many days could an enterprise survive without receiving money from clients or without paying providers and employees?

Therefore, protecting an energy production plant is strongly connected to cybersecurity. There needs to be a holistic approach to protecting the enterprise. Rather than just focusing on protecting the infrastructure, data or application, all elements necessary to provide service should be protected.

More from CISO

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today