Recent attacks have prompted utilities to reexamine their cybersecurity protocol. There is a growing awareness that vulnerabilities can lead to disaster. The SolarWinds software supply chain hack exposed about 25% of electric utilities to malware, according to NERC. And a single compromised password at the Colonial Pipeline Co. created an opening for ransomware which ultimately led to the shutdown of the largest gasoline pipeline on the East Coast.
The cyber threat, combined with the growth of distributed resources, has led many industry players to evaluate new approaches to securing bulk electric system assets.
Some project that security requirements will move away from prescriptive standards for historically broad categorizations of low, medium, and high impact facilities:
These standards have been in place for over a decade despite a rapidly evolving industry. In addition to the increase in distributed resources, the digitization of the grid, and the convergence of information and operational technology systems have contributed to the changing landscape in which utilities operate.
The threat equation is also much different than it was a decade ago. Over the past year alone we have witnessed numerous complex cyber threats in the US. These attacks exemplify the power of a coordinated digital offensive. Given their ability to compromise systems, there is no question that the industry must begin with a real understanding of the scope of the threat and then identify a path forward for all asset environments.
Convergint offers a powerful combination of industry understanding and security expertise, facilitating our ability to assist in three key ways:
To schedule your free consultation, fill out the form below.