Skip to main content

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Managing your cookies

Our website uses cookies. You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button.

Necessary cookies

These are essential for the user navigation and allow to give access to certain functionalities such as secured zones accesses. Without these cookies, it won’t be possible to provide the service.
Matomo on premise

Marketing cookies

These cookies are used to deliver advertisements more relevant for you, limit the number of times you see an advertisement; help measure the effectiveness of the advertising campaign; and understand people’s behavior after they view an advertisement.
Adobe Privacy policy | Marketo Privacy Policy | Pardot Privacy Policy | Oktopost Privacy Policy | MRP Privacy Policy | AccountInsight Privacy Policy | Triblio Privacy Policy

Social media cookies

These cookies are used to measure the effectiveness of social media campaigns.
LinkedIn Policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Cybersecurity in the utilities industry: leveraging analytics to break down the cybersecurity dilemma


Posted on: August 13, 2018 by Mazi Fayazfar

On December 23, 2015, hackers executed what’s considered the world’s first successful attack on a power grid. They took control of utility systems in the Ukraine and knocked out power to 225,000 customers across three distribution companies for several hours. It wasn’t the limited damage but the coordination and sophistication of the attack that left utilities around the world worried.

The hackers are presumed to be Russian, based on the IP addresses of the computers used in the attacks. Spear phishing and malware gave them a foothold in the IT networks of the three utilities, from which they harvested credentials to access the utilities’ industrial control system (ICS) networks. With that, the hackers were able to seize control of the supervisory control and data acquisition (SCADA) systems and:

  • Turn off substations
  • Disable or destroy various IT infrastructure components
  • Simultaneously execute denial-of-service attacks on the utility call centers, preventing customers from reporting and receiving important information.

These events raised the stakes for grid security to a new level. A similar attack on the U.S. power grid would be highly disruptive, likely costing hundreds of billions of dollars in economic damage while threatening public safety in myriad ways. Think of our dependence on electricity for healthcare, transportation and infrastructure alone. The U.S. response could also alter the geopolitical landscape or lead to military conflict.

Welcome to FUD: fear, uncertainty and doubt

Almost inevitably when I meet with utility clients, discussion of cybersecurity strategy and investment take on the aura of FUD. What are the worst-case scenarios? How likely are those scenarios to unfold? What is a prudent amount of effort and investment to manage that cybersecurity risk?

Perhaps the more challenging question: How do you balance investments in cybersecurity with investments in reliability and resiliency — given that weather events, thus far, cause far more disruptions and outages than cyberattacks?

In other words, cybersecurity too often comes down to a binary question of how much to invest in two options:

  1. “Insurance,” incurring a sunken cost to protect against a serious event that may or may not take place.
  2. “Opportunities” to drive future growth.

If you’ll notice, the cybersecurity dilemma does not, nor should it, take place only within the IT team. Particularly in an IoT world.

Data science vs. FUD

In my experience, analytics and cognitive computing, such as machine learning and neural networks, greatly augment traditional IT-based security tools. So, if you’re looking at cybersecurity and analytics as separate, discrete endeavors, you’ll be leaving money, security and synergy on the table. This is a distinctly different conversation from the “FUD-based” discussion.

Read my next post to see where this distinctly different conversation goes.

Share this blog article

  • Share on Linked In

About Mazi Fayazfar
Chief Technology Officer for the Telecom, Media & Utilities, Atos in North America
Mazi is the Atos North America CTO and Chief Evangelist supporting the Telco, Media and Utilities markets (TMU). He is a seasoned IT executive with hands-on experience in all aspects of Information Technology including Application Development, eCommerce and Digital Transformation, Cyber Security, IT Strategy and Enterprise Architecture. His charter and mission is to partner with senior global executives and technologist as a trusted advisor on the best use of technology to support TMU accounts and Atos NAO. Mazi has created architectural and technology roadmaps that have resulted in stronger business strategy enablement via technologies and thus driven significant business value.

Follow or contact Mazi