in Up Front
print the content item

This is a "smart" world. From smart grids and smart weapons to smart phones and smart appliances, technology is driving increased capabilities, improved productivity and greater cost efficiency. But there is an irony in this proliferation of high-tech efficiency, and that is the inability of technology, by itself, to deliver "smart" cybersecurity.

Sophisticated technology tools are capable of detecting and blocking a majority of cyber threats faced by most users. But in vital industries and government agencies where compromised systems can have far-reaching consequences, tools alone are insufficient. These enterprises - the energy industry among them - are often the targets of advanced threats from highly motivated attackers.

In this high-value, high-risk echelon, the term “smart” must be expanded to encompass not only cybersecurity technology solutions, but also human insight and industry collaboration. Our company, which has taken a leadership role in developing this three-pronged approach in the defense industry, calls the method “intelligence-driven cybersecurity.”

Heightened concern - and spending

In recent years, the energy industry has adopted elements of intelligence-driven cybersecurity, as it has recognized the risk exposure that comes with complex technology for managing, controlling and connecting information technology (IT) networks through smart generation, transmission and distribution systems.

Cybersecurity spending projections confirm that the industry’s concern over its vulnerability to cyber attacks is growing. By 2020, spending on smart grid cybersecurity is expected to reach $608 million, representing a 70% increase in eight years, according to Pike Research, a part of Navigant’s energy practice.

That figure would place cybersecurity second only to distribution automation in utilities’ overall IT investment. Given this increase in both the threat exposure and spending to combat it, a comprehensive, collaborative approach is becoming even more important to ensuring that the industry is receiving an effective and cost-efficient return on its cybersecurity investment.

Understanding the enemy
Knowledge is the foundation of the intelligence-driven approach. Cybersecurity professionals widely agree that 80% of all intrusion attempts are carried out using low-cost attack mechanisms that typically can be stopped through best practices, proper configurations and comprehensive network monitoring.

It is the other 20% - the advanced threats - that present the greater danger. These attacks are typically designed to establish a presence deep inside the targeted network, where they can disable or circumvent security tools to exfiltrate data or - the primary concern of the energy industry - to damage operational systems that control the grid. Here’s where knowledge of the attackers’ tactics, techniques and procedures becomes invaluable.

To protect our company’s own systems and those of our critical government and commercial clients, we have extensively studied advanced threats and developed a detailed description of the seven-phase Cyber Kill Chain that characterizes their progression.

When an attempted intrusion has been detected, the kill chain methodology allows cyber professionals to determine the phase of the attack and extrapolate how it would have played out had it not been detected. The security team is able to analyze and document the anatomy of the attack, perform system-wide mitigation, and install customized defenses and mitigations against similar attacks at each phase of the kill chain that increases the attackers’ cost and complexity while reducing the likelihood of future successful attacks.

Moreover, our company compiles information about each intrusion it encounters in a database that increases its security intelligence. To stay ahead of evolving threats, the corporation tracks more than 30 adversarial groups and continually generates new detection capabilities, intelligence management practices and technologies to mitigate them.

Importance of collaboration
The effectiveness of this approach is multiplied when companies work together to identify threats and share cyber intelligence. Employed with great success by the defense industrial base, collaboration also has been taking hold in the energy, financial services and healthcare industries, which by their natures recognize the importance of cooperation.

In addition to providing cybersecurity services to several major energy companies, we have been working with cybersecurity analysts from leading utilities in regular webinars that complement real-time collaboration within the energy industry. Members of this information-sharing community provide one another with insights, concerns, best practices and actionable intelligence so that security solutions do not have to be continually reinvented. Industry-wide collaboration also is evident in initiatives that provide common cybersecurity training and joint simulations.

This approach will play an essential role in the energy industry’s ability to “connect the dots” and address the cybersecurity challenge inherent in the growth of smart grid technologies. A good example is American Electric Power’s gridSMART project, which we support through cybersecurity intelligence management applications and services.

The challenges ahead
As automation and smart grid technologies continue to improve the efficiency of power distribution in North America and throughout the world, there is no shortage of challenges to protect the industry from malicious attacks. Securing mobile communication devices, advanced equipment and control systems will require close collaboration between utility companies and vendors to ensure that robust cybersecurity is integrated into all aspects of the power grid architecture.

Perhaps most important, however, will be the continued adoption of knowledge management and collaborative practices to establish a comprehensive, proactive defense against advanced and continuously evolving cyber threats. This will require a firm commitment by the industry to recruit and train cybersecurity professionals and to maintain cybersecurity as a priority focus of the industry.

Our energy practice is already seeing a stepped-up commitment by many of the industry’s leading companies, which are applying best practices and expertise to define their security strategies and prioritize their spending for maximum impact. The industry is recognizing that as the sophistication of its infrastructure grows, so must the sophistication of its approach to cybersecurity.

Just as smart technologies are the future of the energy industry, intelligence-driven cybersecurity that combines technology, knowledge and collaboration is the future of the industry’s protection.

Rich Mahler is senior manager of energy and cyber services at Lockheed Martin. Based in Bethesda, Md., Lockheed Martin is a global security and aerospace company that is engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services.

Hybrid Energy Innovations

Hybrid Energy Innovations 2015
Latest Top Stories

Two Years After Superstorm Sandy, Utilities Highlight Grid Efforts

As the U.S. reflects on the monster hurricane that struck in October 2012, utilities note what they have done to help protect against future severe weather.

USDA Invests $1.4 Billion To Boost Rural Grids Around The Country

The U.S. Department of Agriculture (USDA) has announced more loan guarantees for rural power companies and renewable energy firms in 21 states.

SPP Raises Concerns About EPA's Proposed Clean Power Plan

Stakeholders around the U.S. are mulling over the Environmental Protection Agency's blueprint to cut emissions from existing power plants. The Southwest Power Pool has released its assessment of the plan.

Comverge, Constellation To Merge Demand Response Businesses

The two companies have announced a deal to combine their DR operations serving commercial and industrial customers and establish a new, standalone entity.

Grid-Scale Energy Storage Continues Making Inroads

A new report from Navigant Research highlights the biggest markets and most popular technologies for grid-scale energy storage.

S&C Electric_id176