“There are only two types of companies: Those that have been hacked and those that don’t know they have been hacked.” - Vijay Menghani, Chief Engineer, Central Electricity Authority, CISO, Ministry of Power, India
Electric Power is an important requirement for sustained economic growth and is always a priority. The energy industry is the lifeline of every economy. This sector has direct impact on the GDP of the country and is the backbone of industry and service sector.
Today automation and digitalization is effectively implemented in the power sector in generation, transmission and distribution systems. Exchange of data between information technology (IT) and operation technology (OT) which is the backbone of digitalization is being effectively implemented or have been implemented in various power companies.
Cyber intrusion and cyber-attacks can create huge disruptions. The gain of sensitive operational data through such intrusions may help the adversaries and cyber attackers to design more advanced cyber-attacks. These intrusions will seriously impact the operations, communication and all related business activities. Hence it is imperative to protect against unauthorized access to IT & OT systems. When attackers gain access to an industrial control system they are able to sabotage control and safety processes, leading to costly outages, damaged turbines, boilers, threats to personnel safety and even environmental disasters.
Though there are many cyber security directives and guidelines that exist, none of them are power sector specific. Ministry of Power (India) has directed Central Electricity Authority (CEA) to prepare Regulation on Cyber Security in Power Sector. CEA has come out with Cyber Security in Power Sector Guidelines 2021, incorporating the cardinal principles for compliance by all entities covering System Integrators, Equipment Manufacturers, Suppliers / Vendors, Service Providers, IT Hardware and Software OEMs engaged in the Indian Power Supply System.
The Colorado energy company had to shut down 90% of its internal controls in January 2022 due to malicious Cyberware that wiped 25 years of historical data. Read more about this recent cyber-attack here.
Are your power systems secure? Get your Risk Assessment done without delay. Speak with our experts.
At Gorisco, our motto is 'Embedding Resilience' and we are committed to make the organizations and their workforce resilient. Reach out to us if you have any queries, clarifications or need any support on your initiatives.
To read our other blogs, click here. More importantly, let us know if you liked them or not through your comments.