Promonique
Promonique
Rayzon
Rayzon
EPR Subscription Banner
EPR Subscription Banner
Home » Guest Column » 5 Cybersecurity Trends that will Transform India’s Power Grid

5 Cybersecurity Trends that will Transform India’s Power Grid

By October 3, 2020 4:01 pm IST

5 Cybersecurity Trends that will Transform India’s Power Grid
.

Dick Bussiere, Technical Director, APAC, Tenable explains five cybersecurity trends that lie ahead for power organisations along with practices that must be followed to stay protected in the digital era.

The establishment of the smart grid, driven by population growth and urbanisation projects has played a critical role in the Indian economy. As the third-largest producer and the fourth largest consumer of electricity in the world, India’s power grid is forced to be more flexible to accommodate the supply of power across dispersed cities and rural villages.

Integrated with communication and information technologies, the smart grid is a promising power delivery infrastructure. These interconnected networks also expand the attack surface, enabling bad actors to easily move from one provider to the next. A successful cyberattack to the grid, therefore, presents a core risk to safety, reliability and business continuity; and can cripple the crown jewels of India’s critical power infrastructure.

India’s recent plan to mandate cybersecurity measures for its power grids to ensure high availability and protection of sensitive data is a positive step in the right direction. However, without a good grasp of the security and integrity of digital components, network visibility and security cannot be achieved from the grid level to the bay level and to each individual intelligent electronic device (IED). Improving smart grid inter-connectivity, leveraging modern TCP/IP based standards such as IEC-61850 and IEC-60870-5-104, and employing new techniques of total network situational awareness needs to become de facto industry best practice.

Cybersecurity Trends that will Change India’s Power Industry

Below are five cybersecurity trends that lie ahead for power organisations along with practices that must be followed to stay protected in the digital era:

1. IT/OT convergence introduces new attack vectors

OT-based attacks present a real danger today. The convergence of IT and OT along with the rapid adoption of IoT will accelerate at an unprecedented rate, dissolving the boundaries between them.  This will result in new attack vectors that will need to be discovered, monitored and defended diligently.

Grid operators and regulatory agencies both must audit their implementation strategies for air- gapped systems. The mantra of “set it and forget it” is no longer a plausible security strategy in today’s connected OT environments. Early detection of operational technology (OT) threats requires proactive and continuous base lining and monitoring  at the network and device level to detect deviations and potential threats.

2. OT to IT attacks will become a reality

Organisations will continue to see the emergence of OT/IT attacks. These attacks will intentionally target weak points in the IT or OT infrastructure and laterally creep between these two converging environments.

Advertising

EPR Android App Banner

3. IT and OT teams to share responsibility for  OT security

Security must be a shared responsibility between OT and IT teams. IT teams may be held accountable for converged IT/OT security since they have decades of experience with internet-connected applications and technologies.  Joint responsibility allows the OT team to leverage the experience of the IT team while ensuring that legacy OT operational protocols are not violated. Indeed the relationship is symbiotic since in general, techniques that enhance security also provide enhanced safety, availability and quality for the OT operators. The collaboration between these two groups will herald a new awareness of internal and external security threats across these once separated worlds. IT and OT teams, together will set guidelines for OT security projects based on requirements provided by OT teams, with best practices adopted from both fields.

Implementation of the UN-endorsed ISA/IEC 62443 cybersecurity standards will be an essential first step. These standards are the only consensus-based cybersecurity standard for automation and control system applications. By using these globally-approved standards to increase productivity, lower costs and keep people, industrial facilities and commercial buildings safe, IT teams can bridge the gap with OT.

4. The edge becomes more vulnerable than the core

Bad actors tend to look for low-hanging fruit when launching cyberattacks. The trend of targeting less well-defended OT infrastructures, such as smaller substations or transfer locations, will be more pronounced in the year ahead.  A compromise at a remote site or a small power provider could have cascading effects as they are connected to the larger OT network.  The entire infrastructure could be compromised if an attack is able to spread.

Organisations will need to deploy OT security not only at the core, but also extend to remote and distributed systems.

5. The cyber skills gap will spread to OT

India’s skill shortage is nine percent higher than the global average. The convergence of IT/OT will only widen the skills gap.  With so many disruptive technologies contributing to the expanding attack surface, an organisation may lack the necessary IT or OT security skills and qualified candidates may be scarce.

Organisations should recruit new talent from universities or hire less experienced candidates who are willing and eager to learn, to address security for the combined IT/OT footprint.

Cybersecurity is now widely recognized as a core risk to power networks. To mitigate cyber risk, it is essential to have full visibility, security, and control into all your operational assets, including IEDs, RTUs PLCs, breakers, meters, drivers, and other devices. It’s time for India to not just aggressively adopt innovative solutions, but to take careful steps in securing critical power infrastructures.

 

Cookie Consent

We use cookies to personalize your experience. By continuing to visit this website you agree to our Terms & Conditions, Privacy Policy and Cookie Policy.

Android App
Android App

Events

RenewX
RenewX
Wiretech 2025
Wiretech 2025
Power Gen
Power Gen
India Green Energy Expo
India Green Energy Expo

Our Sponsors

Our Sponsors

Wika
Wika
Ramelex
Ramelex
Rayzon Solar Pvt Ltd
Rayzon Solar Pvt Ltd
Akansha
Akansha
Andritz Hydro Pvt Ltd
Andritz Hydro Pvt Ltd
Vyoma Switchgear
Vyoma Switchgear
Skipper Limited
Skipper Limited
Joint Well
Joint Well
Kp Group
Kp Group
Credence Solar
Credence Solar
Grew Solar
Grew Solar
Nirmal
Nirmal
Meco Instruments Pvt Ltd
Meco Instruments Pvt Ltd
Novasys
Novasys
HPL Electric Power
HPL Electric Power
Sun Bond
Sun Bond
Supremesolar
Supremesolar
Vsole Solar
Vsole Solar
Elev8 Lift
Elev8 Lift
Power trac Group
Power trac Group
Omicron
Omicron
Ganz Electric
Ganz Electric
Eplan
Eplan
Aeron Composite Pvt Ltd
Aeron Composite Pvt Ltd
Eaton
Eaton
A-1 ELECTRICALS
A-1 ELECTRICALS
Ashone Technologies
Ashone Technologies
MENNEKES Electric India
MENNEKES Electric India
PRAMA HIKVISION INDIA
PRAMA HIKVISION INDIA
Motwane Manufacturing
Motwane Manufacturing
Sun Cables
Sun Cables