Story image

Cybersecurity should be priority in US$8b smart utility spend

23 Aug 18

The modernisation of utility infrastructures is enabling increased efficiencies and reliability through digitisation, connectivity, and IT-based approaches.

Smart cyber assets are transforming both power and water grids, allowing operators to deploy and leverage a new generation of functionality and customer services.

However, smart utilities are also highly vulnerable to cyberthreats and security is a primary concern, states ABI Research, a market-foresight advisory firm.

Unfortunately, digital security remains largely unimplemented during utility modernisation due to cost, resource, and time constraints.

This is exasperated by issues with adapting cybersecurity to operational technology (OT) environments and an overall lack of knowledge and expertise in bridging these divides.

Further, public sector efforts have petered out since 2012-2013, when both the United States and European Union were actively driving national cybersecurity strategies.

The current US administration seems to have dropped cybersecurity from its list of priorities, and the European Commission is struggling to get its NIS Directive off the ground and obtain adequate funding for ENISA to fulfill its mandate.

Most of the EU member countries have not taken the NIS directive to cyber-secure critical infrastructure seriously.

With the continuing growth of connected cities, it could be concerning if local governments follow the US and EU’s example.

“It seems that the United States and the European Union have forgotten that cybersecurity needs to be a continuous effort, not a one-time announcement to tick all the boxes,” said  ABI Research digital security research director Michela Menting.

The lack of sustained public support sends a deflated message to operators in the field about the importance of cybersecurity.

“Worryingly, both power and water utilities have reported advanced persistent threats which exploit flaws in industrial control systems. More critically, run-of-the-mill cyberthreats such as ransomware and DDoS attacks are increasingly affecting operator’s cyber-assets, both on the back and front-end. Cybersecurity must be a concerted effort by all stakeholders, including the public. With only partial support, the risks intensify.”

While power and water grid stakeholders will spend over US$8 billion globally on cyber-securing utility infrastructures in 2018, only a small portion of that will be dedicated to operational technologies and smart systems.

Savvy local security providers could leverage this opportunity by approaching regional governments.

Grid modernisation efforts are an ideal time to start designing and integrating digital security and provide an opportunity for adapting existing mechanisms and processes to the OT space - from industrial control systems to smart meters.

“Operators and other stakeholders should remain firm in their commitment to cybersecurity, despite the backseat public support,” Menting adds.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
How SMBs can use data to drive business outcomes
With the right technology, companies can capture consumer, sales, and expense data, and use it to evaluate and construct future plans.
Survey shows that IoT is RoI across Asia Pacific
A recent Frost & Sullivan survey across Australia, Hong Kong and Singapore shows that IoT deployment improves business metrics by around 12%.
IDC: Aussie spending on IT Services to hit $23.5B by 2023
the project-oriented market which is predicted to achieve the highest CAGR through to 2023; though no market is expected to decline
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.