Editor’s Note: Early this year, Leo Simonovich, VP and Global Head, Industrial Cyber and Digital Security, Siemens Energy, predicted in his cybersecurity outlook that cyber attacks against the energy sector will get more frequent and severe. This prediction has certainly played out in reality, with numerous media outlets recently reporting the extent to which hackers are now focusing on the U.S. power grid. In this post, Simonovich, who also was recently quoted in Bloomberg’s reporting on new partnerships that electric utilities and energy companies are forming with cybersecurity vendors, shares additional insights on the efforts underway to secure critical infrastructure.
What is the current state of cybersecurity for critical infrastructure?
Industrial cybersecurity has become the new risk frontier. In fact, attacks targeting the OT environments have gone from low single digits to over 30 percent. Critical infrastructure is the most important thing that we have to protect. If and when an event does occur, it can have catastrophic consequences. That is why we at Siemens are addressing the cybersecurity problem for the industrial environment holistically. First, securing our products, but secondly, offering comprehensive solutions that solve the visibility problem for our customers.
Cybersecurity is a journey, and we always want to stay one step ahead of the attackers. To do so, we need to continue partnering and innovating. The core challenge that needs to be solved today is that of visibility and detection. Who knows what the world will bring? We know that analytics is going to be a core part of anything we do. We know that detection is going to be a core part of what we do.
Are companies “going it alone” on the cyber threat topic, or are we seeing industry collaboration?
We know that it takes a village to solve the cybersecurity challenge, and that is why we partner with best-in- breed technologies to help us address the core challenges in the industrial cyber space. How do you monitor and detect? How to get comprehensive inventory of your assets? Also, how to respond to attacks? We partner with our customers on the cybersecurity journey, from the early stages we need to develop a strategy, to helping harden the operating environment, to working with them on a comprehensive basis, to helping them monitor and detect the smallest attacks that can have major consequences.
How are companies addressing edge technologies like renewable energy?
The core challenge that we're jointly solving is that of visibility. Detection in the industrial space is key. You cannot protect what you cannot see. New and innovative technology, finding companies to partner with and training your workforce will allow us to better detect, contextualize, and most importantly, react to increasingly speedy attacks.
Increasingly, as renewables and outlying assets move to the edge and as grids become more distributed, we know that security has to scale new operating models for asset operators. We also know that it's important for vendors and asset owners to partner together to solve this challenge.
This is why we believe that blueprints are increasingly going to be required to solve the problem at the edge, where a lot of the intelligence sits. To solve this problem in solar, and in wind, what's going to be required is detection and analytics. To do so, it's really important to monitor those assets, to monitor them in real time, and to pair cybersecurity data analytics with performance data to get a true detection.
Those blueprints will make the edge the new center.
What’s next for Siemens?
We're working with partners to apply AI and machine learning to detect threats in distributed environments. We’ll soon launch a first of its kind industrial cyber monitoring platform. This new solution can secure the complete operating environments. Assets that sit at the edge, whether we're talking about solar, or wind, the control room, traditional assets in the power plant, all the way up to the enterprise network. We’ll continue to advance the initiatives behind the global cybersecurity Charter of Trust to bring new and exciting solutions to the market, and ultimately, we want to help the industry mature.
Published On: August 14th, 2018