2017 will be a busy and challenging year for utilities. Utility IoT will collide with regulatory deadlines and new cyber threats, forcing utilities to evolve at a blistering pace. Staying on top of these trends will help you prioritize, prepare, and plan in these challenging times. As SSS embarks on another year of partnering with utilities, here’s our pick of top trends that are sure to make-or-break utilities this year.
Make
Cyber attacks will only increase in 2017. Utilities that can automate threat detection and response will come out on top. Rather than relying on firewalls, these utilities are deploying strategic security framework to prevent, detect, and recover from cyber threats in real-time. With automation, security platforms share information across the attack surface, utilizing data analytics to automate detection and streamline incident response. This will afford utilities a stronger line of defense and reduce the cost of recovery.
Break
An automated cyber defense won’t put itself together. It requires multi-layered controls and a highly-coordinated network. But a persistent ‘wait and watch’ approach has left too many utilities perched between no action and reaction. In 2015, 1 in 2 energy organizations reported they lack real-time actionable cyber security intelligence to respond to emergency incidents, Scottsmadden reports. Developing a strategy is one thing, putting it into play is another. A daunting and monstrous for task for all, those who resist the challenge in 2017 will pay for it later.
Make
New regulations are helping utilities avoid attacks and save money by minimizing possible damage from attacks. Last year, NERC’s revised standards required utilities to add controls based on levels of security risks from high to low, in addition to ensure physical security upgrades to protect substations and control centers from attack. FERC’s new ruling last July only offers more regulatory to-dos. Under the order, the industry has to develop a cyber security supply chain management standard. The new standard must address security management for all industrial control system hardware, software, and services associated with the bulk electric grid. Also in 2017, utilities must comply with NERC’s new CIP-003 by April. CIP-003 focuses on Low Impact Assets, ensuring cyber security awareness, physical and electronic access controls, and incident response. These rules will make the grid more resilient in 2017, helping utilities avoid a Ukraine-like attack and better measure what’s working and what’s not.
Break
Despite the new rules, a Trump presidency has everyone worrying what the future is going to look like. In fact, many security experts are not confident cyber security will improve with the new administration, Forbes reports. Trump’s deregulatory presidency might crush prevention efforts, leading to mass destabilization of industrial control systems, these experts say. Add to this the alleged Russian hacking of U.S. political operations, and we have the worst possible times for the grid. Utilities that fail to plan ahead will be an easy target for rogue attackers.
Make
New regulations are helping utilities avoid attacks and save money by minimizing possible damage from attacks. Last year, NERC’s revised standards required utilities to add controls based on levels of security risks from high to low, in addition to ensure physical security upgrades to protect substations and control centers from attack. FERC’s new ruling last July only offers more regulatory to-dos. Under the order, the industry has to develop a cyber security supply chain management standard. The new standard must address security management for all industrial control system hardware, software, and services associated with the bulk electric grid. Also in 2017, utilities must comply with NERC’s new CIP-003 by April. CIP-003 focuses on Low Impact Assets, ensuring cyber security awareness, physical and electronic access controls, and incident response. These rules will make the grid more resilient in 2017, helping utilities avoid a Ukraine-like attack and better measure what’s working and what’s not.
Break
Despite the new rules, a Trump presidency has everyone worrying what the future is going to look like. In fact, many security experts are not confident cyber security will improve with the new administration, Forbes reports. Trump’s deregulatory presidency might crush prevention efforts, leading to mass destabilization of industrial control systems, these experts say. Add to this the alleged Russian hacking of U.S. political operations, and we have the worst possible times for the grid. Utilities that fail to plan ahead will be an easy target for rogue attackers.
Make
2017 promises another bout of severe hurricanes and storms, forcing utilities to harness the grid-hardening powers of its new devices. Facing the challenge, many utilities are finding better ways to monitor and respond in real-time and share these best practices to help reduce overall grid vulnerability.
Break
But hurricanes and storms aren’t the only threats. In 2017, there will be more talk of solar cannonballs (CMEs) striking Earth’s atmosphere. The last solar blast took place in 1989 and shut off power to 6 million people in Canada. NASA now predicts there’s a 12% chance of a CME hitting Earth in the next decade. Six test sites around the country are studying this phenomenon, with a particular focus on how a severe space weather event would impact our grid. Utilities that prepare now will be better off, the Department of Homeland Security advises.
—
A leading utility and industrial communications provider, SSS is dedicated to helping utilities get ahead of trends, upgrade their systems and secure their networks. Our engineering services team would be glad to discuss your specific needs.