Article

The electricity grid is under threat. Cisco helps keep it safe

The rapid digitization of the energy system is creating new risks but also supporting new tools that can improve reliability.

Managing electricity systems has never been easy. Generation assets can fail. Wildfires can take out transmission lines. And utilities lose billions of dollars a year from electricity theft and other non-billable losses.  Digital transformation has been used to drive innovation, grid efficiency, and improved reliability. However, as grids adopt digital technology,  connectivity increases the attack surface and exposure to hackers.

Utilities and grid operators are aware of these risks, and depend on networking, security, and Internet of Things solutions to keep electrons flowing.

The biggest task is to ensure the reliability of electric systems. And this will be even more critical as complex, distributed grids draw energy from a multitude of renewable sources. Renewable electricity capacity broke a record in 2021, and the International Energy Agency forecasts that it is expected to further increase in 2022, reaching close to 320 GW. Russia’s invasion of Ukraine has generated an unprecedented global energy crisis, forcing governments to further accelerate their transition to clean energy to reduce their dependence on fossil fuels.

In the energy system, a single bulk electric system could disrupt power to all downstream customers. They are critical assets that may be targeted by bad actors. Understanding how vulnerable these assets might be is critical in protecting the system, says Sean Caragata, global director for industrial and critical infrastructure industries at Cisco.

“One of the first steps in grid security is asset discovery: to understand and identify the assets and devices in your system, the integration of those assets – in other words, how, what, and with which systems they communicate, and the vulnerability of those assets,” Caragata says. “Ultimately, you can’t secure what you can’t see”.

Following the asset discovery stage, the utility can build the right security strategy, including network segmentation to build a DMZ and isolate zones to secure critical assets; employ live threat detection; and create an integrated Security Operations Center to ease response, investigation, and remediation of events.

For threat defense in the OT environment, Cisco’s CyberVision combines deep packet inspection with an understanding of industrial protocols to monitor not only for cyber-attacks, but also provide the capability to monitor industrial processes. This capability is not only useful in weeding out malware and detecting lateral movement during the early reconnaissance phase of a cyber-attack. It can also alert control crews to potential infrastructure faults. Such early warnings give engineers a chance to fix problems before they happen, reducing the likelihood of an outage or similar issue.

In fact, Cisco’s industrial IoT network in the substation and distribution grid is itself a security sensor, enabling greater visibility and threat detection across the grid.

Cisco technology has also been helping utilities such as BC Hydro, in British Columbia, to combat electricity theft for more than a decade. It helps that Cisco technology powers operational technology (OT) and the Internet of Things (IoT) as well as IT, and has security baked into its design.

Increasingly, that expertise is being applied in the renewable energy sector. This urgently needed transition brings its own complexities and challenges. For example, wind and solar are fluctuating resources. That demands powerful networking capabilities that ensure that energy from distributed sources is shared across the grid, whenever and wherever it is needed.

“One of the advantages that we bring is we are deeply trusted in the enterprise IT space, we're deeply trusted in the OT-IoT space, and we’re one of the largest security vendors in the world,” Caragata explained.

With electricity infrastructure, “cybersecurity is not an afterthought,” he added. “It’s a foundational component of digital grid modernization. By building in cybersecurity, [utilities] can make their grid and their operations more reliable, more resilient, and more efficient.”

This is good news because grid operators face a growing challenge beyond the main electric system. The periphery of the grid is becoming more complex as devices ranging from solar panels to electric vehicle charging points get connected to the electricity network.

The volume of assets on the grid edge is several magnitudes higher than that on the bulk electric system. But they increasingly need to be controlled as part of moves to improve the efficiency of grid operations in the quest for a low-carbon electricity system.

Applying the security tools and processes being used in the electricity system will be key to keeping tomorrow’s digital grid edge safe.

“As you’re digitizing your critical infrastructure,” he concluded, “that builds resiliency, reliability, and safety, but also cybersecurity.”

###

Related content: