The COVID crisis brought the world economy to a standstill. With near ubiquitous lockdown enforcement to stop the spread of the pandemic, remote operation and virtual collaboration has been absolutely critical to ensure some semblance of business continuity. This capability relies heavily on essential services like telecom and electric utilities – and both have thankfully delivered flawlessly without major outages in most areas so far.
In asset intensive industries like electric utilities, the growing investments in increased digitalization enabled by private wireless solutions has been key to delivering extreme reliability driving new business and ensuring mission critical applications. For example, private LTE networks open the door to grid control automation by enabling grid equipment, smart meters and substations to communicate in real time. They can also help utilities quickly and seamlessly integrate distributed renewable energy sources into the grid. Private wireless networks aren’t just for reducing OPEX and streamlining grid operations. They can also enable utilities to provide new services such as CCTV, smart city services, electric car plug-ins and small cell communication.
What about cybersecurity in the new era of the private wireless-connected grid?
In COVID times, we are seeing a significant increase in cyber attacks on critical infrastructure like electricity grids with the aim of causing widespread disruption. Remote operations of grid networks from homes is becoming the new normal – but this also exposes the grid to many new cyber-risks. To protect against outage due to cyber attacks, it is essential for utilities to have a comprehensive end to end security strategy to minimize vulnerabilities across business and mission critical IT and OT infrastructure.
One ‘security by design’ approach is the adoption of private wireless for utilities’ field area networks (FAN). Private wireless solutions offer much richer built-in security than legacy grid connectivity solutions. They include comprehensive 3GPP security mechanisms such as the Evolved Packet System (EPS), the EPS-AKA or EAP-AKA authentication protocols, Transport Layer Security (TLS) authentication and IPSec between nework elements and management systems. Private wireless solution vendors also typically integrate a strong end-to-end security infrastructure that includes next-generation firewalls, IPSec gateways and IPS/IDS appliances.
Identifying and addressing new cybersecurity threats
Utilities will need new capabilities to adapt to the evolving cyber threat landscape and protect private wireless-connected energy grids. The key cybersecurity concerns will fall into three categories:
- Security controls: Do we have the security controls we need for a private wireless ecosystem that will enable grid control automation and new smart city services? How do we comply with regulatory and industry standards as we introduce the new ecosystem?
- Infrastructure and operations: How will private wireless connectivity change our security operations? Do we have the right threat models? Can our current security systems handle the challenges presented by distributed computing and storage of grid data? Can they fulfill adaptive security requirements across the grid? Are we ready to manage the new ecosystem’s built-in security infrastructure?
- Human resources: Do we have the cybersecurity skills we need to manage the challenges of the security transformation? Do we need to expand our security team to handle the additional tasks? Can we ensure the appropriate security awareness throughout our organization?
The best way for utilities to start addressing these concerns is to work with a mission-critical communication security expert to conduct a comprehensive assessment of their current security posture. This will help them identify the investments and upgrades they need to provide effective protection for an agile grid. Based on the result of the assessment, a utility can choose to make the necessary upgrades on its own or turn to a managed security service provider (MSSP) for help.
Why work with an MSSP?
MSSPs have security operations centers (SOCs) that use the latest AI- and machine learning-powered security toolsets. These tools are essential for achieving the economy of scale that utilities need for next-generation grids. They can handle repetitive or well-known threats through automation and allow the MSSP’s security analysts to focus on critical incidents and zero-day exploits.
An MSSP will ensure the best possible business results by applying best practices it has developed in completing complex customer projects. It will use these practices to help align a utility’s security posture – including factors such as security for mission-critical communication, security compliance and security architecture – with an ideal reference base. The MSSP’s security analysts will support the utility with a deep understanding of the security implications of mission-critical wireless and wireline communication ecosystems, as well as generic IT security competence.
By combining automation, best practices and experience, an MSSP can help power utilities optimize people, processes and technology from end to end to achieve the right security posture for the private wireless-connected grid.
Visit our website to learn how our managed security services can help you keep your grid safe from cyberattacks 24/7.
About Tamás Bischof
Tamás works in Nokia’s Global Services marketing team responsible for Managed Security Services – the company’s E2E security solution. When not helping customers discover the benefits of reliable security solutions, Tamás is an avid sport fan, regularly visiting football pitches, tennis and squash courts as both a hobby player and a spectator.
Tweet me at @BischofTamas