The electric power industry provides the production and distribution of electrical energy, often referred to as electrical power, in sufficient quantities for areas that need electricity through a grid. Many households and businesses need access to electricity, especially in developed countries. The demand for electricity is derived from the need for it for the operation of household appliances, equipment.

Link of interest: Power Outages in the United States of America (in real time) Here

The electric power industry is usually divided into four processes. It is about the generation of electricity, such as a power plant, transmission of electric power, distribution of electric power and the retail sale of electricity. In many countries, owned electric power companies own all the infrastructure, from station generation to transport and distribution infrastructure. Each of these processes has its function in the supply chain with its particularities, priorities, regulations and needs.

Electric power is considered a natural monopoly. The industry is generally highly regulated, often with price controls and is often the government of ownership and operation. Typically many of the facilities involved in each of the processes of the electrical industry can be considered a critical infrastructure and therefore of national interest. This classification should be determined as a result of the criticality assessment using appropriate assessment methods, techniques and models. Suppliers of industrial automation systems, SCADA systems, and services in conjunction with operators in the electric power sector must ensure compliance with security and cybersecurity standards, such as ISA/IEC-62443, NIST 800-53/82, NERC CIP, FIPS 140-2 and others. Keeping up with rules and regulations is a challenge. New regulations such as the GDPR in Europe raise the stakes for non-compliance to more than 20 million euros per incident.

Strategies and solutions based on information security technologies and perimeters are not enough to protect against all modern threats against electrical infrastructures. Industrial cybersecurity requires the protection of physical assets, i.e. the domain of physical security. Many programmable logic controllers (PLCs) and controllers for feed water pumps, feed water, valves, furnaces, boilers, turbines, generators, and capacitors are vulnerable due to the lack of built-in cryptographic controls, including: multi-factor authentication, secure boot, secure update, and encrypted secure communications.

In operational technology (OT) environments, risk is measured in terms of industrial safety and system availability. While data privacy is important, often human physical security, industrial process safety, environmental stewardship, and uptime drive the security needs of plants and large SCADA systems.

Assess cyber risk consistently and make the best mitigation decisions with the ZCM.

Design and implement appropriate countermeasures that will actually mitigate intolerable risk.

Operate and maintain industrial infrastructures resilient to all types of threats.

OTConnect – The news in energy sector!