Smart grid security activities ramping up in U.S., survey finds


Usman Sindhu,
Senior Research
Analyst, IDC Energy
Framingham, MA, U.S.A. — (METERING.COM) — July 18, 2011 – Over the past year smart grid security concerns among North American utilities have seen increased commitment and security budgets have increased, according to a recent survey from IDC Energy Insights.

According to the survey, which covered more than 150 U.S. utilities, more than 75 percent of the respondents deemed security investments to be of the highest importance. At the same time, 38 percent depicted security to be one of the top IT initiatives this year, while more than 60 percent plan investments in new security solutions or maintaining or upgrading their existing solutions. Planned investment in security software is particularly high, with 58 percent of respondents stated that investment in security software will comprise quarter to half of their budget.

In 2011, utilities are spending their budgets updating the security appliances and software, especially focusing on client security (antivirus, anti spam, anti-malware) and intrusion prevention.

Further, a majority of utility CIOs recognized that data protection will be a key issue. Some utilities are already collecting large amounts of data via their pilot programs, and they are starting to realize that to win customers’ confidence, they have to employ protection schemes.

However, many utility CIOs expressed concern about the lack of security standards for home area networks (HANs), which will push security vulnerabilities upstream, requiring the utility to perform ongoing vulnerability testing in multiple areas.

According to IDC, although smart grid security initiatives are ramping up, these efforts may not be sufficient. While large investor-owned utilities (IOUs) and public cooperative utilities are spending money and setting up best practices to streamline security, they only embody 20 percent of the utilities in the U.S. To enable industry-wide momentum, the architecture will need to be evaluated to ensure end-to-end infrastructure safety and protection, given all the unknowns in the smart grid arena.

“There’s great momentum in the industry towards ensuring security is addressed in smart grid projects; however, these efforts are led by 50 percent of the large utility companies,” commented Usman Sindhu, senior research analyst at IDC Energy Insights. “While investments are picking up, utility companies are still behind on developing a security-aware culture.”

Utility CIOs will play a key role, and should be ready to work with operations and engineering groups to ensure security and risk practices are implemented.