Full Title: Utilities in the Connected Age: Strategies for Cybersecurity
Author(s): Greentech Media, CISCO
Publisher(s): Greentech Media
Publication Date: December 1, 2016
Full Text: Download Resource
Description (excerpt):
Security is more than just a regulatory-driven necessity for utilities; it has become a business imperative. Most utilities can no longer do business effectively or efficiently without internet-of-things (IoT) technology; and recent events in the Ukraine have shown that largescale attacks against power grids can succeed. Beginning July 1, 2016, U.S. utilities must comply with NERC’s Critical Infrastructure Protection standard, v6, which features an expanded scope and greater emphasis on security, compared to previous NERC CIP regimes. Most utilities in the U.S. already possess a relatively high level of awareness and sophistication about cybersecurity, compared to other industries — but there are some common weak spots. To respond effectively to ever-shifting cyber threats and vulnerabilities, utilities must adopt a risk-based security approach that exceeds regulatory requirements. This paper recommends an integrated utility security program that encompasses physical and digital security technology, staffing and training, leadership support, crossdepartmental collaboration and cross-sector coordination.