Smart Grid Security Catching On

Wednesday, October 19, 2011 @ 04:10 PM gHale


One year ago, security wags just discovered Stuxnet and after a year’s worth of analysis, experts are still hunting for information about the worm. But discovering that worm and understanding what we know right now has had a huge impact on the smart grid cyber security market.

Utilities realize their grids are no longer isolated or protected from attackers. Adding more intelligence to grid assets will increase the attack surface and utilities are now aware of this, according to the Pike Research report on “Smart Grid Cyber Security.”

RELATED STORIES
‘Thinking Machines’ can Boost Smart Grid
Utility Cyber Security Outlay to Grow
Insider Threat to Utilities
Smart Grid Security a Top Priority

The hype around smart grid cyber security, especially smart meter security, has died down from a year ago and Pike Research believes this is because many of the projects and products announced in the past are now undergoing implementation. New products and new deals generate press, but the actual deployments remain ignored.

Some things have not changed. The cultural void between IT and operations technology (OT) remains at many utilities, although there are more optimistic stories about reconciliation, or at least peaceful coexistence, the report said. (Click here for a related video on the IT relationship) As a whole, both groups appear to have realized they have cyber security problems, and that neither can live without the other.

Cyber security remains a check-in-the-box exercise for many, with spending limited to whatever they need to survive compliance audits. As some technologies near a decade of thought and deployment, such as smart metering, the approach to cyber security has become more thoughtful. However, newer technologies, such as control system automation, still focus more on just getting it to work, with cyber security as an afterthought; or a never-thought, the report said.

Market drivers have appeared or gained importance during the past year. European smart metering deployments that were in early stages a year ago are into the deployment phase, even if targeted completion dates stretch beyond 2020.

The North American Electric Reliability Corporation (NERC) has begun issuing fines for non-compliance with its critical infrastructure protection (CIP) reliability standards. Utilities believe they will see greater benefits from distribution automation (DA) than from advanced metering infrastructure (AMI).

The report forecasts that 63% of smart grid cyber security investment for 2011 through 2018 will be primarily in control system segments including transmission upgrades, substation automation, and DA.

Cyber security vendors report that now they are spending a lot more time speaking with utility operations groups, no longer meeting only with security managers or chief information officers. Utility operations teams have increased their cyber security savvy over the past 12-18 months and are now open to discussions about protection products, sometimes demanding those discussions.



Leave a Reply

You must be logged in to post a comment.