On many fronts, we are going through a period and pace of change unprecedented for utilities. With cities across Asia expanding rapidly, pressure to invest in new infrastructure and meet evolving demands of rising middle classes rises in parallel.
The adoption of digital technology can help — advanced metering, smart grids and the Internet of Things (IOT) — and presents opportunities for providers of power, water, and oil and gas to drive down costs and improve service levels. However, such adoption is introducing new interdependencies and security vulnerabilities.
Many Dimensions of Cybersecurity
Threats from cyberattacks are mounting, illustrated by the recent Burlington incident. Utility assets are facing “imminent danger” from cyberattacks, which are growing more frequent and sophisticated, according to a U.S. Department of Energy report published in January 2017. In the region, Singapore’s Cybersecurity Strategy, released in November 2016, underlines the importance of a culture of cyber risk awareness across all levels of critical information infrastructure organizations, including utilities.
The importance of cybersecurity is well understood at senior management levels; the issue was ranked as the second-most pressing issue for U.S. electric utilities with the first being reliability.
Issues are more pronounced at the operational level. The accountability for cybersecurity has for many years resided with the IT department. This is expanding rapidly (and lessons can be learned from other sectors).
For utilities with extensive assets and distribution infrastructure, the adoption of ‘smarter’ technology requires greater levels of security collaboration and a greater recognition of vulnerabilities that coexist across digital, physical and human dimensions. The change mandates improved security cultures and awareness levels as well as an ability to overcome challenges to prioritize capital investments into security initiatives.