28/03/2022
Three Steps to Building a More Cyber-Resilient Grid
Much of this is new territory for owners and operators, who are used to traditional OT environments. Following some fundamental steps will help them integrate the cyber defenses that are now essential to protecting the entire grid infrastructure.
Follow NERC Requirements. The North American Electric Reliability Corp. (NERC) offers guidance on how to tackle this formidable challenge. NERC maintains Critical Infrastructure Protection (CIP) requirements to guide asset owners in securing the bulk electric system and preventing intruders from accessing it. The CIP requirements mandate adopting either rock-solid physical security or a combination of slightly less physical security with strong cybersecurity. Maintaining the right balance is already a tricky proposition for asset owners; the increasing adoption of networked IT will cause NERC to push stronger regulations all the way down to smaller and smaller substations.
Design Cyber into All Modernization Efforts. Owners and operators will be well-served to get a head start on cyber resilience as they undertake other modernization initiatives. For instance, as part of strengthening physical resilience against climate threats, utilities may relocate substation equipment to safer locations. This is already being done in places like New York City given flood events from increasingly severe hurricanes. Other cities are following suit. Such moves will obviously include upgrading to the latest connected technology. It only makes sense to factor in cybersecurity as part of the plan from the start.
Adopt Proven Solutions. There are reliable, time-tested solutions available that asset owners can adopt as they move forward. The following are two examples:
Security information and event management (SIEM) systems are designed to monitor the status of assets and help identify network intrusions. If a particular network asset is changed or disrupted, the SIEM will collect data about that event, which can then be reported to utility staff monitoring in-field assets for further investigation.
Hardware-enforced security solutions that incorporate physical devices can provide a deeper protective layer. NERC provides guidance on how to adopt hardware technologies such as non-routable access points, which enable remote monitoring and sharing of specific system data. Such devices provide a physical boundary between the source network at a substation and the monitoring center where data is captured. Stripping away traditional open network protocols that are inherently insecure prevents bad actors who may breach substations from having electronic access to the broader grid.
The world is already witnessing the impact that new forms of digital warfare can have, and how they can even be combined with a physical invasion. DoE’s Building a Better Grid initiative will keep pressure on grid providers not to let their guard down against the growing number of threats posed to critical infrastructure here at home. Asset operators and the nation will be well-served by seizing the opportunity to mitigate physical threats from climate change along with safely and sustainably hardening cyber resilience—both of which will keep the energy on which we all depend flowing.
—Dennis Lanahan is a cybersecurity veteran with deep expertise in operational technology who serves as vice president for Critical Infrastructure Markets at Owl Cyber Defense.
https://www.powermag.com/three-cybersecurity-steps-integral-to-building-a-better-grid/
In January, the U.S. Department of Energy (DoE) launched its new Building a Better Grid initiative. The DoE’s stated intention for the program is to