Officials in Washington DC have met to discuss how to prepare for the possibility of a large-scale cyber attack on the power grid, after fears sparked that an attack could be imminent – noting that the standards for how power companies communicate with each other about security threats, and with the government, are largely unresolved.
Thales UK is at the forefront of protecting critical national infrastructure, and Ross Parsell, Director of Cyber Security at Thales UK has an extensive background in devising guidelines for private, public and defence security strategies with more than 16 years’ experience in the security industry. He also sits on a number of governing bodies that decide the UK National Cyber Security Strategy.
Ross has commented on the possibility of the imminent attack on America's power network:
“In order to remain poised to react to this evolving threat landscape, power companies need to continually assess their defence capabilities and employ best practice cyber maturity models to centre around continuous policy evaluation and adaptation.
In other industries the government has already put systems and processes in place to ensure that knowledge about the workings of crucial network infrastructure is protected -and this now needs to be extended to the energy sector. The energy sector also needs to follow suit in forming some sort of self declaration for cyber attacks. Currently, a high volume of cyber security incidents go unreported. The recent spate of high-profile data breaches are evidence that organisations are either not taking cyber security seriously or are bewildered by the problem. Regulation in this case is a necessity to alter corporate behaviour. Once the full extent of the cyber threat is uncovered, greater collaboration on cyber issues should lead to an improvement in cyber awareness and cyber standards.
In order to make this work there needs to be a holistic approach that tightly integrates cyber-defences with processes, people and physical measures. A cyber security model that can provide a useful indication of the resilience of defences and areas of vulnerability as an important guide through the prime consideration of balancing between price, safety and security, is crucial.
If the security challenges are addressed effectively, we can rest assured that the imminent threats our critical national infrastructure is under control.”