Siemens: cybersecurity for energy during COVID-19
Following on from Energy Digital’s last article on Siemens, the company has released a prudent guide to cybersecurity during remote working.
Recognising that working from home has taken on vastly greater significance for the energy industry because of the COVID-19 pandemic, Leo Simonovich, Global Head of Industrial Cybersecurity, believes that executives face a two-fold challenge of safety and security.
“By accessing critical plant production and grid networks from homes, employees raise the risk of a possible second wave crisis: rolling outages and safety events when keeping the lights on matters most,” said Simonovich.
“Attackers will attempt to exploit the rush to remote systems, understaffed facilities, and new ways of working.”
Understanding the threat
Although enterprise systems are always under a certain degree of threat from cyberattacks, workers trying to keep utilities functioning correctly may be working in sub-optimal conditions that amplify security faults.
Some of these include unsecured internet connections and human-error caused by a different way of working (i.e. a change in workspace setup which renders once-familiar tasks difficult or confusing).
For this reason, Simonovich advocates, energy companies must thoroughly asses each procedure and determine which are safe to operate by a worker remotely and those which are not.
“Cybersecurity is as strong as its weakest link,” he continues. “Ensuring that partner systems work from a shared roadmap will help utilities assess and improve security. Failing to consider partners’ cybersecurity leaves a potentially large blind spot in your defences.”
Establishing a response
After understanding where the increased risk of cyberthreats comes from, Siemens recommends setting up a clear three-pronged approach to bolter defences:
Secure connections: Knowingly giving access to strictly confidential or important systems to workers who cannot guarantee security is unacceptable, therefore companies must carefully assess what plant operators require access to in order to mitigate the risk of infiltration.
Monitor anomalies: Because remote working is currently outside general ‘normal working conditions’, it may be difficult to differentiate between a cyberattack and legitimate operator usage. Careful monitoring of the system will help to establish a baseline to measure this.
Prepare an incident response plan: Workers may be off-site, ill or otherwise not able to respond in their normal capacity during a cyberattack event. Plants must factor in these changes and alter response plans accordingly.
“While the COVID-19 crisis makes these steps urgent, several long-term trends that pre-date the pandemic will drive similar changes,” Simonovich states.
These changes will include new operating models, automation and advanced training for remote workforces. Due to the unknown length of the current pandemic and its effect on global lifestyles, companies should prepare for these changes over the long-term.
For more information on energy digital topics - please take a look at the latest edition of Energy Digital Magazine.