This is the third of a four-part series on the convergence of IT and OT (Operational Technologies) by Rick Geiger.
Physical Security is one example of Operational Technology that has evolved from serial communication to modern systems that are largely, if not completely, IP networked systems. The unique requirements of Operational Technology systems have often led to shadow IT departments within the OT department, with networks and servers procured and operated by the OT department with little or no involvement from IT.
Welcome to part three of this blog series looking at the convergence of IT and OT (Operational Technologies). In part two of this series, I discussed the need and opportunity for Cyber and Physical security convergence and the primary activities of Physical Security on a day-to-day basis. Today, I’ll dive a little deeper into how utilities can prepare for and combat cyber-attacks.
For decades, utilities have brought rigor and discipline to storm response. For example, the minute meteorologists predict a hurricane, utilities begin executing their crisis response activities. Customer care increases staff to handle an onslaught of calls. IT then suspends impacting work and ensures all systems are operational. Procurement contacts suppliers, knowing the utility will likely need additional transformers and poles to replace damaged ones.
In contrast, utilities have limited experience responding to a coordinated cyber-attack. They tend to view cybersecurity incidents as a technical problem and often relegate them to IT. Today’s cybersecurity events are becoming more and more like natural disasters, so much so that the Department of Homeland Security is staging its fourth cybersecurity event: Cyber Storm IV. This event allows utilities to test their cybersecurity programs and provides the framework for the most extensive government-sponsored cybersecurity exercise of its kind.
The grid is modernized by incorporating two-way communications. Utilities can gain additional operational efficiency through IT/OT convergence. While these improvements lead to great benefits, the increased interconnectivity has made the grid more vulnerable to remote cyber-attacks. The federal government recognizes these new risks. On February 12, 2013, President Obama signed an executive order creating a cybersecurity framework and information sharing between the government and the private sector. There is also plenty of legislation brewing to legally mandate utilities to take security precautions.
Smart grid technologies provide utilities visibility into the grid to know which houses/businesses do not have power. Utilities need that same level of visibility within their infrastructure to know where cyber damage has occurred. Customers do not fault their utility when a storm knocks out the power, but do fault them if their response is poor. While we cannot stop the storms or cyber-attacks, we can have a fully thought-out cyber-attack response plan so utilities can avoid the front page of the newspaper or the lead story on the national news.
What’s in it for Cisco?
Cisco’s portfolio of cyber and physical security technology, solutions and services supports NERC-CIP compliance and a sound, risk-assessment approach to security architecture and implementation. Cisco has ongoing business processes and services that represent best practices and experience to address both security and compliance. NERC-CIP is just the start of the journey for utilities. The NIST Framework resulting from President Obama’s Executive Order provides a way for companies to share threat and event data. Cisco already operates a similar service for Cisco Customers and Cisco products in PSIRT.
Cisco has a portfolio of leading-edge Cyber and Physical Security solutions. Cisco’s Advanced Services offerings help our customers develop and deploy a collaborative, unified approach to Physical and Cyber security. Stay tuned for my next series where I will dive deeper into organizational and cultural changes that must take place for successful IT and OT convergence.