The pandemic has significantly impacted cybersecurity priorities and budgets. Companies, and especially chief information security officers (CISOs), had to rethink remote working models and their digital security implications. The pandemic did not stop hackers. Quite the contrary: during the pandemic, the FBI received 400% more cybersecurity complaints daily than before.
During this time, essential operators like manufacturers, hospitals and energy providers had to maintain business continuity as the world depended on them more than ever. But how could they do that when cyber threats strongly targeted their supply chains?
OT security importance in energy
We recently carried out an operational technology (OT) risk assessment for a leading electricity provider.
Electricity providers need to ensure that their OT equipment (industrial control systems (ICS), programmable logic controllers (PLC), supervisory control and data acquisition (SCADA)…) is not disrupted after a cyberattack. The client operates along the entire value chain, from power generation and trading to sales. A shutdown of even one day could result in significant damages and costs. Its initial request was therefore to carry out an all-round analysis of its OT environment:
- OT information security maturity assessment (ISMS) according to the relevant standard or framework
- OT technical security risk assessment
- OT assets risk overview
- The physical security of the OT environment
Cybersecurity consulting in times of crisis
Throughout my career of working with the global cybersecurity consulting team, having spent more than 20 years in information technology and more than 8 years in information security, this was the first time we faced such a unique situation. We had to deliver a report, including analyses and a summary of the prioritized measures that should be implemented to increase their maturity posture. The project was launched in January this year, but soon we were faced with the challenges of the COVID-19 pandemic.
Specialized in governance, risk and compliance, I am used to aligning with our customers' business strategy in face-to-face meetings. Yet COVID-19 obliged us to cancel onsite venues. The documentation was also limited to some extent, as data policies regarding document sharing had been strengthened.
Addressing an OT assessment in times of a pandemic made us rapidly change our strategy, find new ways to resolve issues such as data retrieval, and use every possible tool and virtual appliance at our disposal to overcome the challenges.
Historically, OT systems were separate from IT. Now that they are expanding to an extended ecosystem, OT security becomes a priority. We achieved good visibility into the client’s assets and could precisely identify anomalies. This assessment led to greater transparency for the client. Now it can take the right security measures with every parameter in mind to ensure business continuity.
- Scope statement detailing all stakeholders, assumptions, risks, project objectives, requirements, scope, approach, client’s obligations, expected deliverables, timelines and milestones.
- Initial discovery questionnaire interviews with all relevant stakeholders to capture a first high-level overview of the risk posture.
- Engagement project planning to provide details on each phase’s activities, timeframes, tools used and expected outputs.
- OT assets inventory and vulnerabilities AS-IS report using one of our partner’s OT asset discovery.
- C2M2 interviews to assess their level of maturity and provide future recommendations and improvements.
- Executive presentation report to relevant stakeholders.
Securing environments that are not inherently secure is not always easy and does not start with simply adding security controls. It is about prioritizing the most critical processes, systems and potential sources of attacks or vulnerabilities. Security is about identifying, managing and setting up a strategy.
With their digital transformation, utility companies can be targeted by hackers across a very large attack surface.
The multiplicity of actors in the utilities industry, combined with the digitalization of the production, transport and distribution infrastructures, is weakening the world of energy.