Building Resilient Utility Security: Integrating IT, OT, and Physical Strategies for a Safer Future
In recent years, physical and cyber-attacks on utility infrastructure have created havoc across various cities across the country. The December 2022 shooting at two substations in Morre County, North Carolina left 45,000 people without power for up to 5 days. In Wichita, Kansas hackers specifically targeted water utilities water metering and billing system back in May but an MIT professor of engineering systems and cybersecurity, Stuart Madnick, warns it is possible for such attacks to impact the operational technology (OT) of water plants with the potential to shut down water supply for days or weeks.
In the technological landscape, utility districts face a unique and unprecedented set of challenges. The interconnectedness of physical infrastructure and digital networks has created a whole new frontier of vulnerabilities. A unified approach combining physical and cybersecurity might just be the key to maintaining resilience, reliability of service, and public trust.
Why Integration is Non-Negotiable
Utilities have become enticing targets for criminals, vandals, and even terrorists. The U.S. Department of Energy reported a staggering 70% increase in physical security incidents against electricity infrastructure in the last few years. At the same time, the digitization of utilities exposes them to cyber threats that can have real-world consequences. It’s clear that protecting these assets demands a holistic defense strategy, one that protects utilities from increasing threats from both physical and digital realms.
Kreg Christoff at Motorola Solutions emphasizes the importance of finding proven security solutions amid budget constraints, advocating for the integration of physical security measures to ensure security teams are proactive:
“The success of a substation physical security program will come down to a well-designed system with new technologies and integrated third-party equipment, successful systems implementation and maintenance, leverage technology, and consistent operator training.”
Addressing Core Challenges
Vandalism, Theft, and Terrorism
Utility stations are vulnerable to vandalism and theft, with copper wiring and other valuable components as prime targets. But these attacks aren’t just about material loss—they highlight vulnerabilities that could invite more sophisticated intrusions, including terrorism.
Utilizing advanced video AI and analytics can enhance situational awareness and deter potential offenders. Implementing robust surveillance and access control systems can limit unauthorized entry and protect critical infrastructure.
Cyber Vulnerabilities in Legacy Systems
Many utilities have outdated systems that lack modern cybersecurity defenses. The integration of IT and OT systems increases the attack surface, making utilities susceptible to cyber threats that can disrupt operations and cause physical damage.
Upgrading legacy systems with modern, secure infrastructure is crucial. Implementing strong network segmentation and access controls can reduce risks, while regular software updates and patches ensure systems remain protected against evolving cyber threats.
Insider Threats and Access Control
The insider threat is a potent risk, as employees and contractors with access to sensitive areas can inadvertently or maliciously compromise security.
Adopting a “least privilege” access policy and deploying biometric and/or multi-factor authentication can prevent unauthorized access. Regular audits and monitoring can also help detect and deter malicious activity.
Natural Disasters and Dual Threats
Natural disasters pose a dual threat by damaging both physical facilities and IT infrastructure, leaving systems vulnerable to subsequent cyberattacks.
Robust disaster recovery plans that address both physical and cyber contingencies are essential. This includes offline system operations, backup power solutions, and cross-functional emergency response strategies.
A Unified Security Blueprint
To address both current and future vulnerabilities, utility sectors are increasingly adopting a holistic solution that tightly knits together IT, OT, and physical security. By breaking down traditional silos and fostering collaboration across these functions, utility managers can enhance threat detection, streamline operations, and ultimately reduce the risk of vulnerabilities.
Bringing IT, OT, and physical security together isn’t just about managing risk; it’s also a practical way to boost operational efficiency. Integrated systems make it easier to share real-time data across departments, enabling faster response times and more coordinated action during potential incidents.
With a unified approach, utility managers can anticipate and address emerging threats more effectively, helping to protect critical infrastructure and maintain service continuity even in high-risk scenarios.
The Future of Utility Security
Looking ahead, the future of utility security hinges on continued integration and innovation. As technology evolves, utilities must prioritize continuous improvement of their security protocols, leveraging advancements like AI-powered security analytics to gain predictive insights and mitigate risks proactively. The cooperative engagement of all stakeholders— from IT specialists to OT engineers and physical security experts—is crucial for creating a resilient infrastructure capable of withstanding modern threats.
We invite you to reflect on your team’s efforts towards this integration. What strategies have proven successful in your utility district, and what challenges remain? By sharing our experiences and solutions, we can work together to strengthen utility districts and keep them secure against today’s evolving challenges.
Sources:
CNBC Cyber Report, June 26, 2024, America’s Drinking Water is Facing Attack, with links back to China, Russia and Iran, by Trevor Lawrence Jockims
NY Times, February 4, 2023, Attacks on Electrical Substations Raise Alarm, by Michael Levenson
https://www.nytimes.com/2023/02/04/us/electrical-substation-attacks-nc-wa.html
ASIS, July 1, 2024, Strengthening Infrastructure Security: Convergence in Utilities Industry, by Lou Caputzal
Motorola Solutions Blog, June 5, 2024, Advancing Substation Physical Security with Video AI, by Kreg Christoff
https://blog.motorolasolutions.com/en_us/video-ai-for-substation-security/
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.