Blog

The Role of Cybersecurity in an Increasingly Privatized Energy Sector
By admin May 7, 2019

Tags: , , , , ,

The US Department of Energy has named energy sector preparedness a key area in both cyber and energy security, as there is increased need for information sharing in our digital age. However, with this comes an element of risk, which must be addressed through situational awareness and thorough risk analyses. There are a number of situational and risk analysis programs in effect, but industry professionals are now leaning more towards a new type of method of operation.

Many now believe that the most effective way to achieve our security goals is through public-private partnerships, as most critical infrastructure in the US – around 85 percent – is owned by the private sector. This includes power grids, oil and gas, and utilities. A recent Ponemon Institute survey of security professionals working with Operational Technology (OT) and Industrial Control Systems (ICS) revealed that nine in ten critical infrastructure providers have experienced a cyberattack in the last two years that left their security systems completely out of action and vulnerable. In addition to this, the report detailed the lack of confidence that many security and IT professionals have in their ability to protect their organizations, with less than half reporting that they felt secure in their ability to do so. This has plummeted from 59 percent three years ago, highlighting how necessary a reassessment of our current security practices is.

However, there is an argument against increasing cybersecurity measures, stemming from the idea that, as a democratic society, our information should always be open and accessible. On a surface level, this appears to directly oppose the mandate of the cybersecurity industry. Yet, as we consider the lack of security awareness, training, and education in businesses and organizations, coupled with the Ponemon survey, it becomes clear that many individuals and companies are not aware of the steps to take following a data breach. In this way, uniting government and industry will actually shift the focus to closing this awareness gap as information-sharing will become a key component of security. This occurs by creating partnerships between the public and private sectors to allow a bi-directional flow of information so it is now accessible to all parties involved. This will span both classified and unclassified threats, ultimately informing the development of situational awareness tools that enhance the sector’s ability to identify and coordinate on the protection of its critical resources and infrastructure.

As critical infrastructure is a core component of US economic and international prosperity, threats need to be addressed in the most comprehensive, robust manner possible. In an increasingly privatizing market, a strategic network of public-private partnerships appears to be the answer. Therefore, by leveraging the domain expertise of federal security agencies who can protect systems at a higher level, and the up-to-date, evolving technology of private sector companies competing in the market, it will be possible to reinforce the country’s resources and infrastructure, ensuring that it is resilient against new attacks based in the cyber realm.

 

For more information:

Ponemon Institute Survey Results

Protecting Infrastructure Demands a Critical Public-Private Partnership

Public Private Partnerships and Cybersecurity Challenges

Public Private Partnerships in National Cybersecurity Strategies

US Department of Energy Critical Infrastructure Programs


Thanks for sharing !


Comments are disabled.