Utilities are embracing modernization efforts to increase efficiency and reliability and enable renewable energy. But there’s another trend utilities must account for: cyberattacks. Attacks in July of 2019 against the US and in December of 2015 against the Ukraine power grid proved that a cyberattack can take utilities offline, endangering lives and incurring significant financial costs. While various utilities are at different stages of grid modernization, they should always keep security as the top priority to reduce the risk of a cyberattack. Below, we give an overview of both the challenges and a three-prong approach to ensuring the safety of today’s utility grid.

Cybersecurity challenges for utilities

Utilities face several challenges when it comes to detecting and responding to cybersecurity attacks. The first is a lack of visibility. Operators can only stop malicious activities they can see: they need to be aware of what’s happening on the network. Currently, most control systems monitor the network, but they lack the visibility and insight that operators require to detect and stop a cyberattack.

The second cybersecurity challenge is a lack of mitigation. It doesn’t do a whole lot of good to be able to see malicious activity if you can’t do anything about it. Utilities need technologies that enable them to stop cyberattacks. This requires a variety of cybersecurity technologies working together seamlessly. And that brings us to a third challenge: the integration of these technologies to ensure effective and efficient incident response. If the various layers of security controls do not “talk” to each other smoothly and share data, then utilities will struggle with operational overhead.

A three-prong approach to securing utilities

Here at Cisco we have a three-prong approach to securing utilities. It begins with Cisco Cyber Vision, which provides visibility of the network and edge intelligence. Cisco Cyber Vision allows operators to see East/West control system communications and device communications. It then performs deep packet inspection of control traffic to expose what devices are communicating with each other and why. It also establishes a baseline of the traffic and generates an alert if there’s an anomaly in or between control systems.

The second prong in Cisco’s approach to securing the utility grid is the implementation of defense in depth to mitigate attacks. Cisco has all of the network security equipment that comprises a defense-in-depth strategy. We also have a proven, holistic security architecture that covers the grid from the edge to the control center and provides separation and segmentation to prevent attacks from entering through IT. These pre-validated integrations, the Cisco Validated Designs, simplify deployment and operations while greatly reducing your risks and security operations cost.

Finally, a cybersecurity solution requires collaboration between the IT security and operations teams. Each team brings its own skills and experience to the table. The IT security team is typically savvy in cybersecurity and common defense and mitigation schemes. The OT team has insight into the protocols and processes of the operational network. A security program will be enormously successful if IT and OT work closely together, complementing each other’s knowledge, skills, and experience. Cisco has long been a leader in IT networking and security, and we can be your trusted adviser in grid cybersecurity.

Organizations simply cannot modernize the utility grid without incorporating cybersecurity; it is a requirement for operating in the 21st century. Cyberattacks are a proven threat. Therefore, cybersecurity must be a key component of a modernization effort. This requires visibility, controls to mitigate attacks, and cooperation between IT and OT. Cisco has helped hundreds of utilities organizations around the world implement this three-prong approach to cybersecurity and can help you, too. Contact your Cisco sales representative or partner to understand more about the Cisco Grid Security validated design, or check out the Grid Security Design Guide.


Sean Song Jiang

Lead, Distributed Automation Solutions

Cisco IoT Solutions Group