Issue 12: New directions for power grid cybersecurity

by Smart Grid Forums on April 30, 2021

Cyberweekly No.12.1

Dear Colleague,
 
Many thanks to all those who participated in our April CyberAwareness Survey. We received a total of 30 responses, with 46.67% being from utilities, 26.66% from advisory services to utilities, 20% from technology suppliers to utilities, and 6.67% from system integrators to utilities. The job role profile of respondents was 56.67% engineering/operations, 26.67% strategic, and 16.67% cybersecurity.
 
The great news is that 73.33% of you have a formal cyber awareness programme already in place in your organisations, and 53.33% believe these programmes are ‘high’ on your board’s agenda, with 43.33% stating these are of ‘medium’ importance to your board. However, only 23.33% of you believe that these programmes are currently performing ‘very well’, with 63.33% of you stating that they are performing ‘well’, and 13.33%  stating that they are ‘not performing well’.
 
So, we are doing well but there is room for improvement if we are to get ahead of the threat landscape and assert our complete authority over the grid as we move deeper into the digital age. Here is a list of the improvements that you collectively suggest to take your organisational cyber awareness to the next level:
  • Better collaboration between senior management and power grid employees to spread cybersecurity responsibility and accountability further across the organisation
  • More frequent and detailed practical training programmes that are both formulated inhouse and provided by external partners
  • Robust measurement of programme effectiveness and continuous re-enforcement to instil cyber awareness amongst a wider range of employees
  • Gamification to drive deeper workforce engagement, inter-departmental competition, and accurate simulation of incident response and recovery to ensure high levels of preparedness
  • Constant review and adaptation of programmes to upgrade in line with the techniques, tactics and procedures of the fast-changing threat landscape
  • Genuine employee empowerment to encourage early alarm bells
  • Insights into real world cyber incidents that reveal details of the latest threat vectors and actors, and identify how these can be more effectively thwarted
What you’d like us to address through this newsletter, to help you expand your security mindset breaks down into 3 core areas: 1) Insights and lessons learnt from real life cyberattacks, 2) Organisational cybersecurity strategies that strengthen the human firewall and get you ahead of the threat, 3) Tools and techniques that empower employees to identify and respond to threats with immediacy and accuracy.
 
We can sense a strong security mindset shift since our first survey just two months ago! If information is power, then collaboration will be the creative force that ensures the good guys out-number and out-wit the bad guys and permanently assert our complete authority over the grid.
 
Please enjoy this week’s selection of news, views and resources below, and feel free to share this newsletter with colleagues in other departments, and peers in other organisations.
 
Kind Regards,

13491583329318294

Mandana White
CEO | Smart Grid Forums

News, Views & Resources

REPORT: Crowdstrike. 2021 Global Threat Report.
2020 was a year of hardship and grief for many, as well as tumultuous social and economic change on a global scale. For most of us in the business of stopping breaches and protecting organizations from cyberattacks, it was also perhaps the most active year in memory. The onslaught was unrelenting, and for some organizations, overwhelming. The details revealed in these pages are derived from first hand observations of our frontline cyber responders and analysts, coupled with insights drawn directly from the unprecedented volume of crowdsourced threat telemetry we continuously collect and dissect on behalf of our customers. Among the details you’ll learn in this report: How state-sponsored adversaries infiltrated networks to steal valuable data on vaccine research and government responses to the pandemic; How criminal adversaries introduced new business models to expand their “big game hunting” ransomware activities, and made them even more potent with the addition of blackmail and extortion techniques; How both eCrime and targeted intrusion adversaries stepped up their development efforts, deploying a variety of inventive new methods to evade detection and confound defenders.
To review the report, click here!
 
REPORT: Darktrace. 2021 Global Threat Report.
The sudden and wide-scale transformation to remote and hybrid working last year changed the digital landscape overnight and introduced heightened risks and new challenges. All this demonstrated the necessity for companies’ cyber security strategies to be dynamic and adaptive. Legacy solutions that rely on hard-coded rules and deny lists struggled in a new threat landscape which rendered many of these rules inappropriate or ineffective. This threat report looks at four key trends that have been identified by Darktrace based on observations across its global customer base. Every stage of the attack lifecycle is explored, from reconnaissance and initial intrusion, through to the final stage of the kill chain: ransomware and data exfiltration. The report details seven real-world cyber-threats that evades traditional, legacy security tools but were detected and investigated on in real time by Darktrace’s AI.
To review the report, click here!
 
REPORT: Accenture. Outsmarting Grid Security Threat.
Cyber-attacks pose a clear threat to electric power systems. But as these attacks proliferate, utilities,
regulators and governments continue to grapple with understanding the scale of the risks they face and determining the most effective responses. To date, efforts to secure transmission networks have captured the most attention. But distribution grids also face major risks from cyber-attack. Attacks on industrial control systems such as SCADA systems could result in blackouts, disrupting industry as well as vital services such as transportation and health. Accenture’s Digitally Enabled Grid survey reveals that distribution business executives cite interruptions to supply as their greatest cyber-attack related concern, closely followed by potential impacts on customer and employee safety.
To review the report, click here!
 
REPORT: Kaspersky. The State of Stalkerware in 2020.
Technology has enabled people to connect more than ever before. We can choose to digitally share our lives with our partner, family, and friends regardless of how far we are physically. Yet, we are also seeing a rise in software that enables users to remotely spy on another person’s life via their digital device, without the affected user giving their consent or being notified. The software, known as stalkerware, is commercially available to everyone with access to the internet. This report examines the issue of stalkerware and presents new statistics from 2020, in comparison to our previous data.
To review the report, click here!
 
WEBINAR: Smart Grid Forums. Navigating the Threat-Scape.
This 60-min webinar deep-dives into the lessons learnt from the most recent cyberattacks on the power grid, providing insights into how cybercrime groups are evolving, re-organising and honing their skills to enable higher-stakes activities. Through a series of presentations and panel discussions we: 1) Quantify the cyber risk facing the power grid in the next 2-3 years, 2) Predict the nature of the cyberattacks likely to be launched on complex IT OT converged infrastructures, 3) Identify the organisational, workforce and technical strategies that will strengthen the power grid cybersecurity posture and get us ahead of the threat. By getting to know the adversary inside out, and being able to predict their every move, power grid cybersecurity teams and their engineering colleagues stand a much better chance of building and maintaining smart grid infrastructures that are both secure-by-design and adaptive to the pressures of a more malicious threat landscape.  
To view the webinar, click here!
 

CyberAware Webinar Series

Screen Shot 2021-03-02 at 13.49.00

 

 
 
 
 

Topics: CyberAware