Cisco Blogs


Cisco Blog > Energy - Oil & Gas and Utilities

Modernizing the Grid: Utilities and Data Analytics

The electric utilities sector is facing some challenging times as it struggles with a regulatory model designed for an earlier era. As increased renewable integrations into the grid intensify, electric utilities will need to take steps to accommodate the variable output of distributed generation and develop new insights and technologies that will shape the future of the grid. In fact, my colleague Rick Geiger recently authored a blog with his thoughts on what the future of the grid looks like.

The electric utilities business model is being disrupted and the days of the regulated monopoly appears ripe for change. So, how exactly can electric utilities work to modernize the grid? The answer is by addressing current customer requirement trends taking place in the industry through the collection and analysis of pertinent data. These utility industry megatrends include:

  • Changing customer expectations resulting from the digitization of services allowing anytime, anywhere personalized services.
  • Rise of social networks and the ability to quickly form communities of interest and communicate instantaneously with a billion people globally via text, video and/or voice.
  • Pervasive connectivity and computing that is unlocking a sea of change in productivity gains for businesses, disrupting existing businesses and creating new opportunities for agile firms.
  • Expansion of energy markets for distributed energy resources are enabling greater adoption and increased transactions.
  • Financial innovation that is enabling a wide range of customers to amortize initial capital costs of DER to align with benefit cash flows and make a stronger value proposition.
  • Energy technology advancements for power system and distributed energy technologies are accelerating at exponential rates while also leveraging breakthroughs on business models and system performance.

These trends are disrupting utilities’ ability to effectively manage the grid as customers become more involved in the way energy consumption evolves. As we look at the integration of renewable services or renewable generation from wind, solar, biogas and others, the grid is now becoming a two-way system.  Take solar panel installations on rooftops. You now have customers generating electricity and sending it back into the grid – it’s not just coming from the generating plant anymore. In order to stabilize the grid, we need to collect data and be able to make decisions that impact the outcomes seen.

In order for utilities to successfully meet these customer requirements, they must create an intelligent energy network platform that is:

  • Observable – enabling full determination of grid state – deep situational awareness.
  • Intelligent – enabling ability to gain situational intelligence to support operational decisions.
  • Automated – ability to rapidly adapt to changing conditions with minimal human involvement.
  • Transactive – dynamically balancing diverse resources and distributed market participation.

If you consider blackouts that have happened in the past, having an automated grid with the ability to collect and react to data may have helped with those cascading power outages. That is the problem modern-day utilities are solving. Electric utilities are changing their mindset about using data analytics to meet customer requirements and in my opinion, data analytics will be one of the best ways of effectively managing the grid. Harvesting reams of data opens up new, great opportunities for both utilities and ratepayers, which in the end reduces the cost of managing the grid and gives utilities real-time capabilities to deal with issues that may impact grid performance. One of the market entrants in the utilities sector taking this approach is Bit Stew. Read More »

Tags: , , , ,

Cisco Live 2015 has a Secure Ops Solution Demonstration Area

Many of you know about the Cisco Secure Ops Solution that was announced in 2014, and that it has already been adopted by Shell to secure the company’s critical infrastructure, but may not have seen a demonstration or talked with a Cisco subject matter expert about it.

Cisco Live, San Diego, CA, USA

Cisco Live, San Diego, CA, USA

Well, here’s your chance. We have arranged for a booth in the industrial vertical area at the World of Solutions at Cisco Live in San Diego to show just that. We’re pleased to be accompanied by one of Cisco’s security partners to show new features and functionality that takes Secure Ops even deeper into the cybersecurity protection and surveillance arenas.

The Cybersecurity space is getting more and more alarming every day. As my colleague Peter Granger notes, we have gone from the quaint world of Sherlock Holmes…

Sherlock Holmes: I didn’t really ask, Dr. Franklyn, but what exactly do you do here?

Dr. Franklyn: Oh, Mr. Holmes, I’d love to tell you. But then of course, I’d have to kill you.

Sherlock Holmes: That would be tremendously ambitious of you.

…past the pseudo-high-tech world of James bond and closer to a more modern world reminiscent of Kiefer Sutherland’s character Jack Bauer in the TV series ’24’. Today’s Cyber attacks are not just disgruntled employees or simple mischief makers (although that’s bad enough), but can be carried out by powerful crime syndicates and hostile governments.

Now more and more attacks are becoming visible and reported (e.g. Stuxnet like ‘Havex’ malware strikes European SCADA Systems – June 2014) and whether they are a terrorist attack such as the data destruction attacks on Saudi Aramco and on Qatar’s RasGas gas company in 2012 or unintentional (the vast majority of reported cyber incidents are ‘accidental in nature’ as reported by the Repository of Industrial security incidents, 2011), billions of dollars are lost every year because of them. Night Dragon, Shamoon, Flame, and Duqu have joined Stuxnet in the past few years and more will come.

A study by Fox-IT reported that 60 percent of oil and gas companies do not have a cybersecurity incident response plan. In addition, only 11 percent are fully confident that they can address a cybersecurity breach appropriately. Twenty-three percent admitted that they are not actively monitoring their network for potential intrusions.

How can Cisco help your energy organization? You can find out more by visiting our cisco.com website, and check out the Security for Industrial Networks Overview/White Paper (don’t worry, it’s less than 3 pages!).

Security continuum #1And, of course, you can also visit us Cisco Live: there you’ll see how the Cisco Secure Ops Solution is relevant to many industries and is helping tackle our customers’ security challenges. A combination of technology, software and services expertise, Secure Ops Solution can help you increase your security response levels significantly – before, during and after an attack, across the entire attack continuum.

Don’t forget our other presence there around the Collaborative Operations Solution, which my colleague Suresh Venkat talks about here: What does a Cisco Live Demonstration have to do with droughts, floods and fossil fuels?

We look forward to seeing you in the Process Manufacturing Secure Industrial Networks booth at the World of Solutions next week.

As always – comments are always appreciated and we respond to questions!

Tags: , , , , , , , , ,

Securing Your Industrial Networks by Aligning IT and OT

In the first six months of 2013, 53 percent of cybersecurity incidents were in the energy sector, according to the Department of Homeland Security. As cyber-attacks are becoming increasingly prevalent in industries that support our critical infrastructure, it’s crucial that business leaders adopt security process designed to address these new threats. Are you ready?

While I was at CERAWeek last month, former US Secretary of Energy, Daniel B. Poneman, and Under Secretary, NPPD, US Department of Homeland Security, Suzanne Spaulding had a  message to attendees. Their message was clear:

Cyber Security is a “C-Suite” topic of Enterprise Risk Management.

Their recommendations are strong: Security needs to be baked it in from the beginning! Physical and Cyber Security and Secure Coding of Software!

• Implement Layered Protection; we cannot depend on just a perimeter defense
• Apply Cyber Security Framework: 1. Assess, 2. Protect, 3. Detect, 4. Respond, 5. Recover
• Attend to the nexus of Physical and Cyber Security
• Test your response, including business recovery and continuity

Digital strategy and business strategy are becoming one and the same. Forward-looking energy firms see opportunity in today’s turbulent market and seek to pull ahead by changing their operating models through the Internet of Everything (IoE). Transformative digital technologies have to potential to deliver many advantages to O&G firms, including increased business agility and risk awareness, lower cost of operations, and reduced downtime. But before the industry can embrace these new strategies, an effective, end-to-end cybersecurity approach—including alignment between IT and OT—is needed.

Security a Catalyst for Transformation
Digital transformation means that a range of new and diverse devices are connecting to industrial oil and gas networks, generating greater amounts of data. When managed effectively, this data delivers the right information to the right place, at the right time, helping create a competitive advantage. However, as the IoE proliferates, the accompanying explosion of devices and applications will lend itself to increased areas of attack that criminals will seek exploit.

Oil and gas companies must replace traditional approaches like physical segmentation and security by obscurity. They need an integrated approach where information flows in real time to enable immediate action. Cybersecurity doesn’t need to be an inhibitor. It should be the catalyst for new ways of working. It can help oil and gas companies work more safely and better protect the environment by obtaining remote visibility and control over operations, including processes in refineries. It can make processes more efficient, increase production and reduce overall costs.

Addressing the Entire Threat Continuum
Cyber-attacks occur on a continuum of before, during, and after. The same digital hyper-connectivity that oil and gas managers use to collect data and control machines and processes, can also allow cyber attackers to get into system networks and steal or alter classified information, disrupt processes and cause damage to equipment. Threats to a company’s information systems and assets could come from anywhere. State and non-state actors from around the globe are constantly working to penetrate the networks of energy providers and other critical infrastructures in the U.S.

Energy firms must address this entire continuum with a visibility-driven, threat -focused, and platform-based framework:

  • Visibility-driven means having an accurate, real-time view of the network fabric, endpoints, mobile devices, applications, virtual environments, the cloud, and their interrelationships. High visibility allows you to make sense of billions of devices, applications, and their associated information, while helping you see an attack coming, control the environment, and mitigate threats.
  • Threat-focused means focusing on detecting, understanding, and stopping threats. Policies and controls reduce the surface area of attack, but threats still get through. Focusing on threats can help you identify threats and indicators of compromise based on a well-honed understanding of normal and abnormal behavior. This requires continuous analysis and real-time cybersecurity intelligence across all technologies. With contextual awareness, you can identify false-positives and assess the impact of a threat.
  • Platform-based means we have an integrated system of agile and open platforms that cover the network, devices and the cloud. It is a true platform of scalable, easy-to-deploy services and applications. You gain powerful end-to-end visibility with centralized management for unified policy and consistent controls

Securely Converge IT and OT
As oil and gas companies embrace the IoE, they bring together the use of information technology (IT) and operational technology (OT). Security needs to be as pervasive and applied in a unified way across the extended network. Physical and cybersecurity solutions must work intelligently together to reduce unauthorized system access – in order to protect networks, devices, applications, users and data. For example, in many oil and gas companies today, upstream and downstream domains use different solutions for common tasks such as asset performance management. In addition, OT is often managed autonomously from IT, even for critical functions such as reliability and cybersecurity.

Cisco has the broadest set of solutions covering the broadest set of attack vectors, leveraging both global and local intelligence. Cisco’s Secure Ops Solution is helping oil and gas companies secure industrial control networks by combining on-premises technology, processes, and managed services. For example, Royal Dutch Shell (Shell) was challenged with increasing its security maturity level. By implementing the Secure Ops Solution, Shell was able to improve its cyber security and risk management, lowering costs of delivery while significantly reducing its costs of securing the process control systems that keep billions of pounds of toxic material under control. Cisco Secure Ops Solution provides remote proactive monitoring and Service-Level-Agreement (SLA) driven management of security, applications and infrastructure, making it easier to:

• Manage cyber-security risk.
• Support compliance.
• Secure the perimeter between enterprise and operational networks.
• Implement and maintain layered security controls

How can Cisco help your energy organization? Read More »

Tags: , , , , , , , , ,

Combating Cyber-Attacks Through Cyber Intelligence & Security: Part One

Hello and welcome to Part One of my new blog series discussing cyber intelligence and security around the critical infrastructure sectors in the U.S. Cyber-attacks are becoming increasingly prevalent and threatening to utilities, refineries, military defense systems, water treatment plants and other sectors of our critical infrastructure. Part One of this series details the dangers of cyber-attacks by state and non-state actors and how cyber intelligence can help organizations combat future cyber-attacks. Part Two will detail the role of data in cyber security and ways cyber intelligence can be gathered to further prevent attacks.

The New State of Cyber-Attacks

As technology advances so will the amount of cyber-attacks. Many companies play a vital role in their nation’s critical infrastructure and these companies are adopting digital systems to replace older, analog controls. This digitization of technology is helping operators obtain remote visibility and control over operations, including processes in refineries, the generation and transmission of power in the electrical grid, and the temperatures in nuclear cooling towers. In doing so, industrial facilities have become more efficient and productive.

However, the same digital hyper-connectivity that facility managers use to collect data and control machines and processes, also can serve as entry points for cyber attackers to get into system networks and steal or alter classified information, disrupt processes and cause damage to equipment. Many early control system breaches were random or accidental infections, but we’ve now entered a stage where kinetic attacks are becoming more prevalent, with industrial control systems becoming the object of targeted attacks.

Threats to a company’s information systems and assets could come from anywhere. State and non-state actors from around the globe are almost certainly targeting and possibly even penetrating the networks of energy providers and other critical infrastructures in the U.S. Effectively cyber criminals have loose alignment (affiliation) with state actors and now these criminals are beginning to use different methodologies, creating a huge challenge. Traditionally, we see malicious actions like zero-day attacks, Denial of Service attacks, (DoS) i.e. vulnerability attacks, bandwidth or connection flooding, stopping or delaying workflows and SQL Injections that help hackers exploit or steal data from organizations.

Read More »

Tags: , , , ,

Challenges and Progress at the White House Summit on Cybersecurity

White House Cybersecurity JPEG

On February 13, I attended the White House Summit on Cybersecurity and Consumer Protection at Stanford University. President Obama, along with senior leaders spanning federal government, industry and technology sectors, law enforcement, consumer privacy advocates, and others convened to collaborate and build partnerships within the public and private sectors to further improve cybersecurity practices.

The keynote, panels and workgroup sessions covered a range of preeminent topics but the resounding theme from each was simple – everyone is online, therefore everyone is vulnerable. A comprehensive and collaborative effort from private and public sectors will be necessary to address these challenges. Sharing information in a safe, secure, confidential and reliable way will be a major factor in this coordinated approach.

Throughout the Summit, the key challenges were consistent –

  • The need for legislation to protect information sharing
  • Eliminate cross-industry barriers and establish partnerships
  • Liabilities created by the convergence of wireless & digital technology
  • Need to raise the security baseline for digital products and controls
  • Create stewardship for planning and management

This is a complex and changing environment, but it’s moving in the right direction. Several public-private partnerships exist today that are starting to address these challenges including the Electric Sub-sector Coordinating Council, Cyber Threat Alliance, Idaho National Laboratory and the Cyber Threat Intelligence Centre. Additionally, President Obama officially signed the Executive Order on Promoting Private Sector Cybersecurity Information Sharing while at the Summit and launched the BuySecure Initiative in November to help mitigate these risks.

Specifically within the utilities industry, there has been a consistent focus on reliability and safety, but modernizing the electric grid is an ongoing process. Cisco Secure Ops and Collaborative Operations are just a couple of the solutions addressing this industry evolution; click here to learn more. In my next blog, I’ll address some of these Cybersecurity exposures and how to leverage technology to reduce these risks.

Tags: , , , ,