September 19, 2024

Security Sessions | Securing Critical Infrastructure

by Robert Nawy, IPKeys Cyber Partners

In today's highly interconnected world, the electric grid is rapidly evolving to accommodate the growing demand for cleaner and more sustainable energy sources. As demand increases, our electric grid, arguably the most critical component of modern infrastructure, is becoming a top target of cyberattacks. Addressing key vulnerabilities and potential threats is paramount to ensure a secure and reliable energy supply.

We come into contact with multiple devices and multiple electrical networks every day. What many do not realize is that the devices we spend so much time interacting with provide hackers windows to slip in and access critical personal data. According to DataProt, nearly 60% of Americans say they have experienced cybercrime or somehow fallen victim to a hacker. As we become more connected and reliant on technology, those numbers are sure to rise as bad actors seek to take advantage of vulnerabilities.

Cyberattacks impact everyone, from citizens to organizations. If you use the internet, you’re at risk. Businesses make very inviting targets, more so than they may know. They can suffer from large-scale attacks as cybercriminals target them for their assets along with sensitive information.

Some of these at-risk industries are woefully behind where they need to be in terms of cybersecurity infrastructure. For example, the supply chain and transportation industries are already struggling due to limited resources as a result of the pandemic.

Reports also indicate that 70% of small businesses are unprepared for a cyberattack, and almost 90% of professional hackers can penetrate a company within 12 hours. It is no surprise that the Federal Bureau of Investigation has officially ranked cybercrime as one of the agency’s most important interests.

Ensuring the security of critical infrastructure is vital to maintaining user safety, protecting data and ensuring the reliability of the electric grids. When it comes to cybersecurity awareness, the same principle of closing and locking a door applies to your employees’ online activity. Not taking the proper precautions could result in stolen and potentially sold information. To avoid this, it is critical to institute “cyber hygiene” best practices such as turning on 2-factor or multi-factor authentication, using strong passwords that are unique for each account and utilizing a password protection vault to contain online credentials.

Should you or your organization be the victim of a cyberattack, a key thing to remember is to preserve evidence for law enforcement. The first instinct may be for victims to delete everything after a data breach occurs, but preserving evidence for law enforcement is vital to determining the perpetrator and how they gained access. Verify which servers experienced the breach and contain them quickly to keep others protected.

The sudden surge in electricity demand puts added strain on the grid infrastructure, increasing the possibility of power outages or brownouts. In these high-pressure situations, the focus on maintaining grid stability could inadvertently lead to a reduced emphasis on cybersecurity measures, creating the perfect conditions for cybercriminals to exploit vulnerabilities and gain control. Even as charger installation ramps up to level the energy demand, it is critical to acknowledge that the expansion, as needed as it is, increases the number of entry points for malicious entities.

Identifying cybersecurity blind spots

Implementing proper cybersecurity measures is a high-stakes task for any organization, and it is only that much more critical for professionals in the energy sector. With the rapid evolution of modern smart grids, knowing where to begin may become challenging. The need for increased cybersecurity intel and training in the critical infrastructure sector is fundamental to aligning with comprehensive cybersecurity programs and protocols.

In collaboration with cybersecurity experts who know exactly which threats require actionable solutions to safeguard operational technology, stakeholders can rest assured that all potential security weaknesses are addressed. Regularly assessing blind spots through security audits and penetration testing helps in the development of threat response. Collaboration between EV charging station operators, utility companies, manufacturers and cybersecurity experts is critical to facilitating industry-wide security standards and sharing threat intelligence. By working together, stakeholders can better understand emerging risks, develop best practices and ensure that the entire EV ecosystem remains secure.

Proper cybersecurity measures play a major role in halting threats before disaster strikes. However, energy infrastructure professionals must always be prepared for incidents. Having a well-defined incident response plan that includes clear roles and responsibilities for the response team can help minimize the impact of an attack and ensure timely recovery.

Safeguarding energy infrastructure

Your home’s locked front door provides a physical safeguard for your valuables and yourself. In the context of a connected grid, locking digital doors must be a priority. When an organization partners with a cloud-based managed security service designed specifically for organizations, those locks are monitored at all times and managers receive comprehensive remediation guidance. Advanced technology locates vulnerabilities, deciphers the threat and provides real-time alerts if a security breach is imminent. Additionally, managers gain invaluable access to thorough assessments of control systems, servers, smartphones, laptops and any other vulnerable device connected to a network.

As we increasingly rely on interconnected digital technology, vigilant cybersecurity measures must become second nature, just as ingrained as locking a door or putting on a seatbelt. They cannot be thought of as optional, especially in the context of safeguarding the assets of others. Cyber safety is now a mission-critical function to ensure information is protected. Cybercriminals act fast when given the opportunity to exploit network weaknesses, and they will capitalize on any chink in the digital armor, no matter how small. To prevent this, the implementation of an end-to-end solution can protect the entire organization while also keeping a keen eye on any vulnerabilities within all applications and operating systems.

Robert Nawy is CEO of IPKeys Cyber Partners for a range of dynamic OT/IT environments. He has served in these roles since the inception of the company in 2005 and oversees the development and delivery of Municipal and Smart Grid products and services. He currently serves on the boards of directors of the Open Automated Demand Response (OpenADR) Alliance and the Advanced Energy Management Alliance (AEMA). Nawy also served as CFO & VP Business Development of Exenet and as CFO of Maden Technologies, a DoD-focused high technology services provider.