Cyber Security
Maintaining a resilient utility grid in the face of cyber attacks By Kevin Nesdale, General manager of Power Distribution, Eaton ANZ
T
he recent spate of malicious state-backed cyber activity directed at Australia has been a sobering reminder that without a resilient cyber security framework in place, all critical infrastructure is vulnerable. About 31% of industrial control systems have experienced a cybersecurity incident or an attempt in the past 12 months, a significant number of attempts are targeting commercial, industrial, utility and government networks, making virtually every system vulnerable. The recent attacks come as a reminder that cyber-attacks are here to stay and that certain measures must be implemented from the outset to ensure utilities are resilient in the event of a breach.
Cyber secure by design A resilient utility grid with a trustworthy cyber-network is required to mitigate the impacts induced by cyber-attacks. To eliminate the impacts of cyber-incidents, a three-phase Cyber Resiliency framework, including attack detection, response, and recovery is needed to couple cyber and physical layers along with advanced algorithms developed and implemented in each phase. As a critical element in the cyber-incident defense framework, post-contingency recovery, which belongs to the phase of attack mitigation,
48 | Australian Cyber Risk Leaders Cyber Security Magazine Magazine
acts as a last step in cyber-defense framework and plays a significant role of maintaining healthy and uninterrupted operation of modern distribution systems. Utilities should ensure that equipment purchased has cybersecurity principles included from the initial design phase. It is crucial to understand the difference in nature between IT systems and Industrial Controls for physical systems when it comes to security measures and data traffic. Cyber Resiliency Framework considers “Cybersecurity by Design� as a principle to operational technology (OT) defence mechanisms. An example of the difference is the nature of what we are protecting - for IT systems, customer data and organisational information is the main concern for cybersecurity. On the other hand, system operations and protection against equipment damage are the sole concern when cyber resiliency plays a significant role, to ensure system availability and fallback planning when a cyber incident occurs. Connected devices and the vast amounts of data they generate create opportunities and risks for organisations; from manufacturing and testing to installation and service, which dictates a secure development lifecycle applying a defence-in-depth approach to their field devices. Utilities need to work with equipment suppliers to ensure
