No industries are free from the relentless nature of cyber attacks, and the energy and utilities sector is no different.
Stats released this year for 2022 show that the average cost of a data breach in the energy sector hit a new record high of US$4.72 million. The same study, part of the Digital Demand-Driven Electricity Networks Initiative, supported by the Clean Energy Transitions Programme, the IEA’s flagship initiative, also highlighted how critical infrastructure — including gas, water and particularly power utilities — are favoured targets for malicious cyber activity.
Kinnera Angadi is the Chief Technology Officer for Honeywell Smart Energy & Thermal Solutions where leads end-to-end technology solutions innovating and delivering metering, sustainable solutions, communication platform, and software solutions for the utilities industry.
With more than 15 years of technology experience across IT and digital services, Angadi inspires innovation within organisations through advanced technologies. This includes electronics, mechanical and software engineers charted to solve key challenges across electric, water, thermal, burners and gas utility space and driving sustainability across smart energy and thermal solutions paving a path for digitisation.
Here, Angadi highlights why the industry is under fire now more than ever and how individual businesses can play a part in not only protecting themselves but the wider sector from threats posed by cyber threats.
Why is the utilities industry a growing target for cyber attacks?
Like most industries, the utilities are not immune from being targeted and companies today recognize that future attacks are a matter of ‘if’ rather than ‘when’. In fact, a recent analysis by the International Energy Agency (IEA) found that the number of cyber attacks on utilities rose steadily between 2020-2022, with the number of weekly cases more than doubling in three years’ time to 1,101.
As utility companies integrate digital technologies for efficient operation, they become more exposed to cyber threats. Honeywell is proactively addressing these vulnerabilities by integrating advanced cybersecurity measures like quantum-computing-hardened encryption keys into smart meters. This initiative enhances the resilience of utilities’ digital infrastructures against sophisticated cyber threats, reflecting Honeywell’s commitment to safeguarding essential services against the evolving landscape of cyber risks.
What are the potential outcomes of a cyber attack for a utilities company?
As you know, utility companies provide essential services for municipalities – water, heat, gas and electricity. In recent years, high-profile attacks have led to substantial financial losses due to ransom demands and repairs, alongside operational challenges like power outages and data breaches. The types and level of exposure from these cyber attacks can range in severity, everything from threatening the reliability of our electrical systems to the safety of our water systems. Attacks have reportedly damaged critical infrastructure or shut down service temporarily, disabled remote wind farm controls, and impacted customers and employees who have had their data information breached. These types of attacks have resulted in utilities paying millions of dollars in ransom demands and critical repairs.
Honeywell has recognised these risks and sought to enhance cybersecurity measures. By leveraging advanced technologies such as quantum-computing-hardened encryption, we’re setting new benchmarks in data security. This not only protects against immediate threats but also fortifies the utilities sector’s resilience against future cyber attacks.
What can utilities companies do to protect from advanced cybersecurity threats?
To protect against advanced cybersecurity threats, utilities companies must adopt proactive and comprehensive strategies. It is critical to adhere to industry best practices and standards, particularly in encrypting data during transmission and storage. Moreover, leveraging advanced and innovative solutions like quantum computing, especially as a formidable counter against threats. For commercial facilities adopting this technology, appointing a dedicated security administrator is crucial. This role involves setting and reviewing security protocols, actively monitoring security events, and subscribing to security alerts to respond swiftly to potential threats. While the initial investment in advanced cybersecurity technologies might appear substantial, the long-term benefits are significant. These include unparalleled protection, aiding in the transition towards a sustainable and net-zero future, and efficiency gains through automation and unique key allocations. Facilities managers can thus ensure an uncompromised path towards green innovations and a digitally secure future. This multifaceted approach, blending industry best practices with cutting-edge technology, positions utilities companies to effectively counter sophisticated cybersecurity threats.
How can the utilities sector stay ahead of potential breaches?
Staying ahead of potential breaches requires the utilities sector to embrace continuous innovation and advanced technologies. This is what makes quantum-computing-hardened encryption keys so instrumental in ensuring top-tier data protection. Regular vulnerability assessments, embracing AI-driven security systems, and fostering a culture of security awareness are vital. Collaborations with cybersecurity experts can provide additional insights and cutting-edge solutions. Adapting to emerging threats with flexible and dynamic security strategies ensures that the utilities sector remains resilient against evolving cyber risks.
What does the future of cyber defence hold for the utilities industry?
The future of cyber defence in the utilities industry points towards an increased reliance on advanced technologies like quantum computing and AI, providing sophisticated encryption and real-time threat detection. Integrating quantum-hardened encryption into smart meters indicates the industry’s direction towards more secure IoT devices and collaborative efforts with cybersecurity firms. This forward-thinking approach ensures that the utilities sector is well-prepared to face and overcome the challenges of an ever-evolving cyber threat landscape, securing a sustainable and resilient future.
Energy Digital is a BizClik brand.