Blog
/
Cyber Resilience

3 Steps to Cyber Resilience for the Energy Industry

Aiden Herrod
Marketing Program Specialist
June 8, 2023
23 min. read

Experts from IBM Security and Illumio recently gathered for a seminar to review the latest TSA Security Directive and to discuss the latest trends in the energy industry.

Featuring Greg Tkaczyk, an executive consultant with IBM, Rob Dyson, IBM Global OT Security Leader, and Paul Dant, Illumio Senior Systems Engineer, the event featured a deep dive into the shifting state of the energy sector through the lens of evolving cybersecurity needs.

Keep reading to learn more about the TSA Security Directive updates, security expert recommendations for the energy sector, and three steps to cyber resilience in today’s complex threat landscape.

Revised and reissued TSA Security Directive updates

A key topic for the lunch was the TSA’s recent decision to revise cybersecurity requirements for pipeline owners, also known as Ransomware and TSA Security Directive Pipeline 2021-02C. The reissued guidance followed the May 2021 ransomware attack on the Colonial Pipeline, which caused significant fuel shortages, changed flight schedules, and increased fuel prices.  

The guidance outlined numerous steps for pipeline owners to take in ensuring up-to-date cybersecurity, including:

  1. Network segmentation policies and controls
  2. Access control measures to secure and prevent unauthorized access
  3. Continuous monitoring and detection policies
  4. Extensive risk reduction applications
When implementing cybersecurity requirements, grid and distributed energy resource planners should build cyber defenses with the goal of surviving an attack while maintaining critical functionality." – Department of Energy report, Cybersecurity considerations for DER on the US electric grid

Energy sector security requires innovation, digitization, and big data analytics

Beyond breaking down the TSA’s updated guidance, the headlining moment of the event was Dant’s presentation on the challenges facing the modern energy landscape. A heavy focus was around the new challenges plaguing the energy industry. Climate change and the weaponization of energy supply in conflicts such as the war in Ukraine have caused prices to skyrocket recently, forcing rapid change and innovation across the board.

To face these challenges, Dant recommended that energy leaders continue to push innovation in all facets of the industry. Aside from digitizing more assets to optimize supply and manage demand, he noted that security and compliance should be top-of-mind in this new landscape.

Big data analytics must also play an instrumental role, offering benefits for optimizing the efficiency behind a number of key outcomes. Storage, transmission, production, consumer usage, and renewables are all areas that could stand for optimization, said Dant. This means digitizing assets that don’t already produce in-depth data.

Big data analytics in the energy sector consolidate multiple data sources

3 key steps to cyber resilience in the energy sector

All this rapid innovation and digitization means one thing: an expanding attack surface for ransomware. But a growing emphasis from attackers on inflicting pain to achieve their ends does not help the equation.

According to the 2023 World Economic Forum Global Cybersecurity Report, “Respondents now believe that cyberattackers are more likely to focus on business disruption and reputational damage.”

A graph showing how major ransomware attacks have impacted cybersecurity strategies over time

To match the new mindset presented by modern threats, Dant pointed to the mindset changes energy and stakeholders should adopt themselves. Cyberattacks like Not Petya and WannaCry have made the attack surface more complex and accelerated the cyber landscape dramatically towards Zero Trust. A refocusing on containment and resilience is the key.

Preventing cyber disasters in the energy sector requires least privilege, asset-based segmentation

In his presentation, Dant outlined the 3 key steps to cyber resilience:

1. Identify high-risk areas: Remember that threats are drawn towards major societal/business impacts.

2. Develop a response plan: Identify potential risks like assets with highly connected ports, peer-to-peer ports, and well-known ports.

3. Build a long-term strategy: Segment transmission, production, and finance/management. Your new gameplan is to prevent attacks turning into disasters

With simple mindset changes and key practices, the energy industry can adapt to a rapidly shifting landscape with ease.

Related topics

Energy & Utilities

Related articles

Data Center Security — The Great Divide
Cyber Resilience

Data Center Security — The Great Divide

Why an intelligent system incorporating dynamic data center security protocols is key to mitigating security risks.

Read more
Why More Flexible Cloud Service Models Are Less Expensive
Cyber Resilience

Why More Flexible Cloud Service Models Are Less Expensive

Better understand the economic calculations of public cloud providers and make informed choices about resource allocation tradeoffs.

Read more
Take Me to Your Domain Controller: How Attackers Move Laterally Through Your Environment
Cyber Resilience

Take Me to Your Domain Controller: How Attackers Move Laterally Through Your Environment

In the first part of this blog series, we saw different ways a threat actor can carry out the Discovery phase of the ATT&CK framework to gain a lay of the land after an initial infection.

Read more
9 Reasons Why Energy Operators Should Implement Illumio Zero Trust Segmentation
Zero Trust Segmentation

9 Reasons Why Energy Operators Should Implement Illumio Zero Trust Segmentation

Learn why energy providers should implement Illumio ZTS to stay resilient against ransomware and breaches.

Read more
Cybersecurity Is Our Greatest National Resilience Imperative
Cyber Resilience

Cybersecurity Is Our Greatest National Resilience Imperative

With an increased focus on upping production, manufacturing and distribution, cybersecurity and securing critical infrastructure are paramount to that success.

Read more
Building Cyber Resilience? Use the MITRE ATT&CK Framework as Your North Star
Cyber Resilience

Building Cyber Resilience? Use the MITRE ATT&CK Framework as Your North Star

Learn from blue team expert Nick Carstensen about how the MITRE ATT&CK framework can help guide your organization towards building cyber resilience.

Read more

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?

Learn more