Standard content for Members only
To continue reading this article, please login to your Utility Week account, Start 14 day trial or Become a member.
If your organisation already has a corporate membership and you haven’t activated it simply follow the register link below. Check here.
An exclusive Utility Week poll of senior sector figures has highlighted the growing concerns over the risk of a cybersecurity breach.
The UK Utilities Risk Report, produced in association with Marsh, shows eight out of ten respondents regard a serious cybersecurity breach as a high-risk factor, with 85% saying it would have a major impact on their business.
It emerged as the top risk factor in this poll across energy and water companies, ahead of policy and regulation concerns.
In interviews conducted to analyse the survey findings, one network’s digital director said: “Hardware and software is the big security risk. And the range of risk is enormous; we hold lots of customer data and we wouldn’t want to lose that. Hacking into data could see the lock down of our system and make it difficult to operate.
“That’s the biggest fear – a lockdown of our systems and that we end up losing visibility.”
Interviewees described their exposure to the kind of ransomware attacks corporates across the board are subjected to, as well as their fears that breaches would only continue to grow as a risk factor as operations became more digital, and a large number of digital devices (like sensors) were added to networks.
The director of a gas network commented: “I think it is becoming increasingly important that any of these digital interfaces with your assets is one thing to scrutinise. Another thing is the consequences of losing supply and the reliance that there is on digital solutions, both in terms of communication and in getting the system back up and running. That’s something we’re having to think about as well.”
A retailer concurred: “We’re ultimately building a system in the future that is more exposed to cyber breaches because of coordinating activities on the demand side. There’s lots of new routes in that we don’t have control over that can ultimately result in attack on the electrical network.”
A section head at a water company echoed these sentiments. “Breaches of cybersecurity is at the very top of our risk list. And really this is down to the growth of and accessibility of sensors and IoT [Internet of Things] devices, which we desperately need for our business to boost visibility of how well our operations are functioning.
“But what we’re seeing is that the sensor companies all have their own platform held in their own cloud. It ends up so that your data is scattered everywhere. And unless you have really, really careful governance around you, and have a strategy on how you’re going to manage all of this, it could get very messy, and especially at the innovation end, when trying new things.
“We have a very active cybersecurity department; we have the right. Governance controls over what we’re doing and there is a high chance of us mostly being able to manage that risk. But it needs investment and resource to give it the proper due diligence and to keep pace with the speed of change.”
Please login or Register to leave a comment.