Lightbulb moments: How cyber security and operational tech can reduce threats to energy and utilities infrastructure

October 23, 2024

Protecting energy infrastructure from cyber threats is crucial to prevent devastating attacks. Learn more about the security measures you can take to reduce your risk and prepare for upcoming legislation.

Authors

Gord Chalk is MNP’s Western Energy and Resources Leader. A trusted strategic advisor to executives at some of North America’s largest energy, pipeline, power and utilities companies, Gord has also led dozens of strategy, process and technology projects to successful execution for more than 25 years.

Chris is an MNP Digital Partner based out of Vancouver. With an extensive technical background and more than 25 years of IT and cyber security experience, Chris brings a keen understanding of company IT infrastructure, and demonstrated excellence in identifying risk and emerging issues to his role.

Energy and utilities companies are frequent targets for cybercriminals looking for fame or notoriety. A successful attack on your organization’s energy infrastructure can damage your company’s data and reputation.

However, nobody likes to consider what would happen if critical energy and utilities infrastructure is compromised. Many organizations implement essential cyber security practices and tools and assume they are prepared for a cyber incident. Fewer go beyond the bare minimum to allocate sufficient resources, capacity, expertise, and funds to respond to cyber incidents effectively. Let’s discuss what steps your organization can take to prevent or mitigate cyber incidents and how to build momentum for your cyber program to protect vital energy infrastructure.

How can you prevent cyber incidents?

MNP Digital works with many organizations in the energy infrastructure space across Canada. The most common question our incident response team hears is: “What could we have done differently to prevent this from happening?”

These steps can help you reduce the probability and mitigate the impact of a cyber incident:

1. Prevent issues with third parties

Third parties are often the weakest (and most frequently overlooked) link in your cyber security chain — and the easiest entry point for cybercriminals. Cloud service providers, payment processors, software suppliers, and other third-party vendors may have inadequate security measures that enable attackers to gain unauthorized access to your data and information.

Additionally, it’s common for third-party vendors to point fingers, deny responsibility, and otherwise cause costly delays in responding to the incident. To reduce issues with third parties, your organization must enforce strict security requirements and conduct regular assessments of third-party risks, including:

  • Security posture compliance
  • Use of contractor devices
  • Physical security of third-party locations
  • Use of extra-regional resources (not subject to Canadian laws)

Ensuring your contractual obligations include clear incident response roles and timelines can also help minimize delays and unnecessary obstructions.

2. Review upcoming legislation

The government has proposed legislation such as Bill C-26 to mitigate the impact of cyber incidents on critical infrastructure. This legislation will require reporting and recovery plans to be put in place within your organization to help reduce risks to Canada’s energy infrastructure.

Reviewing the proposed legislation for Bill C-26 can help your organization understand what steps to take to create an effective reporting and recovery plan. Additionally, the timely reporting requirements can help your organization gain increased visibility into the cyber threats it is facing. Developing and maintaining recovery plans can strengthen your organization’s overall resilience and help protect vital infrastructure.

It’s also important to realize that this is just the beginning. Across Canada and globally, more and more laws are being passed to ensure cyber security standards are met. By getting ahead now, you’re saving yourself a larger investment later.

3. Develop a data governance structure

Many organizations have not effectively enforced how or where data is stored. While they may believe their data is secure, people can still gain access quickly through channels like shared drives. Additionally, organizational processes such as sending files instead of links may leave energy and utility companies open to data theft. Even employees who are aware of the risks associated with handling data may leave sensitive information unintentionally vulnerable.

Developing a data governance structure can help you establish clear policies, procedures, and responsibilities for managing your organization’s data. This framework will help ensure that sensitive data is classified, secured, and accessed solely by authorized employees to decrease the threat of data breaches. Additionally, providing employee training programs can help raise awareness of cyber threats and reduce the probability of a successful attack.

How to build the momentum of your cyber program

The tips above can help prevent or mitigate cyberattacks on your organization and protect essential energy and utilities infrastructure. However, many organizations need a cyber security strategy, the capacity to execute this strategy, and the expertise to identify and address cyber threats. It is vital to continue your efforts to build momentum for your cyber program to ensure your organization is protected from cyber incidents.

These three steps can help you develop a comprehensive and proactive cyber program:

1. Develop strategy and plans

Create or refine a strategy to reduce cyber threats to your energy and utilities infrastructure. Break your strategies and plans into small steps by focusing on smaller, more manageable engagements. When building a business case, try to avoid going too far into the technical details and focus on the overall outcomes.

It is also vital to keep moving forward to prevent losing momentum. While working on one engagement, budget and plan for the next engagement. This helps your cyber program stay top of mind within your organization.

2. Enhance capacity

Your organization may not have enough resources to deal with all the cyber threats and issues it faces today. Additionally, it may not have the right security tools and controls in place or the expertise to identify security gaps and address them proactively.

An external incident response team can enhance your organization’s capabilities to proactively address issues and respond to cyber incidents through services such as:

  • Cyber awareness training: Cyber awareness training educates your employees on cyber security best practices. This reduces human error, strengthens your organization’s security posture, and minimizes vulnerabilities.
  • Security assessments: A security assessment can help your organization reduce cyber incidents by identifying misconfigurations, vulnerabilities, or weaknesses in its systems. These insights and recommendations can help strengthen your organization’s defenses.
  • Data governance and privacy services: These services can help you establish policies and procedures for storing, managing, and accessing data. This helps minimize unauthorized access and safeguards data integrity, reducing the risk of a cyber breach or data misuse.
  • Security implementation services for detection and response systems: Implementing security controls through the deployment of a detection and response solution (MDR) and a security incident and event management solution (SIEM) can help protect your organization from cyber threats.
  • Managed security and incident management: This can help enhance your organization’s ability to mitigate cyber incidents through 24/7 security monitoring services, security orchestration, automation, and response (SOAR) capabilities, security-related tabletop exercises, and incident response services.

3. Grow your capabilities

Explore additional services to grow your capabilities. For example, services such as CISO in a Box can help your organization set a security strategy without hiring a full-time employee. The service typically includes managed security services, strategic guidance, risk management, compliance support, and cyber security best practices delivered through an automated platform.

Take the next steps

It is crucial to take the right steps to prevent cyberattacks on vital energy and utilities infrastructure. Preventing issues with third parties, following the guidelines of upcoming legislation, and developing a data governance structure are the first steps toward preventing cyber incidents. However, building the momentum of your cyber program by developing a cyber strategy and plans, enhancing your capacity with the support of a third party, and growing your capabilities are necessary to protect infrastructure from cyberattacks.

For more information, contact a member of our Cyber Security team. Our team will work with you to set a security and privacy baseline, identify your top threats, and define resilience tactics to effectively future-proof your organization.
