Cyber attacks aimed at U.S. businesses and government entities are being launched from various sources, including sophisticated hackers, organized crime, and state-sponsored groups. These attacks are advancing in scope and complexity.
The electrical industry is uniquely singled out as a target for cyber attacks. The Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) reports that in the first half of 2013 some 53% of all reported cyber attacks were on the energy sector, followed in prevalence by 32% on Critical Manufacturing, and 5% each for the next most targeted sectors (communications and transportation).
The electric utility industry is also unique among critical infrastructure sectors in having a mandatory and enforceable reliability and cyber security standards regime. Under the existing regime, the electric power industry works closely with various government agencies on securing the power system. Additionally, utilities actively implement cyber security measures on their own, and help develop reliability standards with the North American Electric Reliability Corporation (NERC).
Imminent cyber threats require quick action and flexibility that can come only from close collaboration with the government and emergency response protocols that are planned and practiced before a disaster strikes. It also takes situational awareness of a variety of data to isolate and prevent or recover from an event. Increasingly the focus is on defense in depth coupled with resiliency when a vulnerability is exploited.
Getting all the stakeholders that are responding to a cyber event on the same page requires access to intuitive and comprehensive visualization of the problem, drawn from analytics that span all relevant data sources. Also helpful is quick access to various response mechanisms–operational controls, social media, first responder communications—integrated with the analytics and visualization:
Situational intelligence applications show promise as an approach to gather all data sources and stakeholders together into a coherent approach to cyber event preparation, prevention, assessment, recovery and documentation.
John Di Stasio is President of the Large Public Power Council.