A utility CEO recently told me about the nightmare that keeps him awake at night. It isn’t fires. It isn’t outages. It’s cyberattacks.
Utilities build, operate and maintain different types of networks that deliver energy reliably and safely to their customers. At the same time, they have a responsibility to protect these networks from compromise, including cyberattacks on all the sensors, endpoints, software, firmware and other infrastructure – which may be brand-new or decades old.
A cyberattack used to mean a breach of information technology. And while I.T. is still the focus of 90 percent of cybersecurity spending, operations technology (O.T.) is just as vulnerable to cyberattacks. And the security measures that work for I.T. may not protect O.T.
Several O.T. attacks in recent years – a power grid in Ukraine in 2015, a German nuclear power plant in 2016, a safety system in the Middle East in 2017 – have revealed utilities’ weak points. The attacks raised alarms within the utility sector about emerging threats that warrant investment, and highlighted the need to think about cybersecurity beyond a traditional I.T. framework.
Today, seven trends shape cybersecurity innovation for both I.T. and O.T. These trends drive National Grid’s cybersecurity strategy, as well as our technology investments.
The advantages of using enterprise cloud-based solutions – economy, efficiency, collaboration and easier deployment and maintenance – are offset by the vulnerability that can come from the cloud’s scale and accessibility. Security solutions that can effectively manage data and applications both inside the firewall and in the cloud are top of mind for most CISOs.
Increases in privacy concerns, reporting requirements, and data breaches have led to a rise in data privacy and compliance regulations. Innovative solutions are needed to keep pace in managing compliance, both internally and for external reporting.
The proliferation of computing devices in recent years has created an increase of computing edge points that are more distributed, vulnerable, and less secure. That’s also resulted in an increase in cybersecurity solutions for these distributed computing devices and edge points, inside and outside the firewall and in the cloud. These distributed workloads residing at the edge require a robust platform to properly manage and secure them. That’s why National Grid Partners invested in Pixeom, a market-leading software-defined edge computing platform that was subsequently acquired by Siemens.
The increase in the volume of data everywhere has made it more important than ever to innovate around data automation and machine learning in order to better detect cyber-threats the data may reveal. National Grid Partners recently invested in A.I. company SparkCognition, whose DeepArmor predictive software can find zero-day software intrusions (no signature required) more accurately and reliably than other solutions.
The rapid expansion of personal computing devices in the workforce has exponentially increased cyber-threats and made organizations more vulnerable. Cybersecurity innovation outside the firewall has increased accordingly: on the web, in social networks, and on mobile devices.
While the bulk of cybersecurity budgets have been focused on I.T., breaches and cyberattacks on critical infrastructure can be more visible – and, potentially, more catastrophic. (In 2017, hackers halted operations at a Middle East industrial facility after invading it through a hidden flaw in the electricity provider’s safety system.) This is why National Grid Partners has invested in Dragos, a leading cybersecurity platform for industrial control systems (ICS) that offers asset identification, threat detection, and response capabilities.
Another way organizations are coping with the ever-increasing cyber threat is to move towards operating zero-trust networks, in which the network is presumed to have already been penetrated. By securing the workload only to authorized connections, you can add a layer of protection and minimize breaches. Reflecting this trend, National Grid Partners invested in cloud-security provider Aporeto, which we believe could be a new paradigm in cyberprotection for distributed workloads inside and outside the firewall. Aporeto subsequently was acquired by Palo Alto Networks.
Investing in cybersecurity innovation
To fully prepare for cyberattacks, it’s critical for utilities and other infrastructure companies to think beyond their own experiences. And with more than 3,800 cybersecurity companies around the globe, there’s no shortage of innovation. Growing solutions include:
Utilities can gain insights about advanced cybersecurity solutions from other sectors that have large I.T. and O.T. environments and manage critical infrastructure assets. Sectors with similar needs would include large government agencies, oil and gas companies, automotive and other heavy-industry manufacturers.
National Grid’s Global Cybersecurity group takes a best-in-breed approach to innovation, finding new technologies and investment opportunities in major areas of cybersecurity, including containers and distributed workloads (Aporeto), ICS threat detection (Dragos), A.I. and zero-day malware (SparkCognition), and edge computing (Pixeom).
Technology investment and development helps create a workplace culture of cybersecurity preparedness, introduces emerging technology to support that culture, and strengthens our cybersecurity defenses. Most importantly, a robust investment program allows us to stay steps ahead of the next cyberattack.
Andre Turenne is a Director at National Grid Partners, focusing on cybersecurity.
Learn more about National Grid Partners and how we invest in cybersecurity.