The fundamentals of smart grid cyber security
The European Network for Cyber Security (ENCS) has launched a training programme to give security architects the knowledge to design secure smart grid systems. Molly Lempriere speaks to ENCS managing director Anjos Nijk about the fundamentals of smart grid cyber security.
AS SMART GRID SYSTEMS GROW IN SCOPE AND COMPLEXITY, THEY REQUIRE MORE PROTECTION, AND MORE SOPHISTICATED PROTECTION, AGAINST CYBER THREATS. HOWEVER THERE IS A SKILLS GAP, WHICH CAN MAKE IT HARD FOR COMPANIES THAT ARE TRYING TO BUILD AND PROTECT THEIR GRIDS.
The ENCS has just completed its first course of a new training programme launched earlier this year. It is designed to help security architects design secure smart grids, looking at risk-based architecture design and the IT/OT interface design.
So what are the best ways a company can ensure its cyber security? ENCS managing director Anjos Nijk offers his five top tips.
Identi
fying weak spotsAnjos Nijk
ENCS managing director
“To start with, I want to point out the importance of the implementation of information security management systems. This is part of an EU regulation that came into effect last year, the Network Information Security Directive, which imposes regulations on grid operators that mean they have to take appropriate technical and operational measures. This is something that really helps you to identify where the weak spots are, the areas where you really need to take action, and from there you can bring risks into a managed situation.”
Dealing with legacy systems
“The second thing I'm going to bring forward is technology control. The legacy systems in the electricity grids were designed tens of years ago, at a time when cybersecurity wasn’t even a topic of conversation, which means that the systems were not designed for security. These systems are very complex and expensive so you can't just take them out and put new systems in. This means that you have to deal with the legacy situation. There are techniques in terms of security architectures, in terms of access policies, in terms of systems management.”
Preparation
is key
“The third thing is to be prepared. You cannot and you should not assume that nothing will happen. So, first of all, you have to be able to detect what's going on, so you need to get organised and have technology in place to be able to see what is going on, to be able to analyse if it's harmful, and to be able to act upon that. This is something that also requires highly sophisticated skills, but also training and exercises because attacks to the grid don't happen every day. In the aviation industry, pilots are trained just in case anything happens; we must be the same.
Addressing the skills gap
“The fourth point, which is an element of all the points I've made already, is closing the skills gap. It is very important to close the skills gap at various levels and various functional domains.”
Working together
“This brings me to the fifth point, collaboration, which is the key to do everything better and faster. In terms of the increase in the number of attacks, the sophistication, there's a lot going on, so it's really important to deviate from old traditional ways of doing things to keep up.
“We need to bring together people working on the various topics in the architecture, in the security policy, in the operation, at different sites, across borders, across organisations, in a way that they can share best practices, learning how others found ways to deal with things.”