How Local Distribution Companies can become cyber-aware

Defending the grid: A methodical approach to LDC cybersecurity

While no industry is immune to today’s cyber threats, Ontario’s electrical grid and its associated businesses face a unique set of challenges. The interconnected nature of the industry, combined with the emergence of new cyber actors and trends, requires every player to make cybersecurity a priority if the industry hopes to reap the benefits of technological advancements. That is because, in this industry, you’re only as secure as your weakest link.

To encourage all LDCs to climb the ladder of cybersecurity maturity, and better protect the ecosystem as a whole, the Ontario Energy Board introduced the Ontario Cybersecurity Framework (OCSF) in March of 2018. The voluntary framework requires LDCs to complete a self-assessment to determine if they’re at low, medium or high risk of a cyberattack. It also offers high-level advice and resources to help providers enhance their level of cyber preparedness.

While the framework is currently voluntary, the experience of other industries shows that it likely won’t stay that way. It's quite possible mandatory regulations could be implemented in the not-so-distant future.

Regardless, there are still a number of simple steps LDCs can take to assume a more proactive stance by demonstrating their commitment to cybersecurity and defending their organizations, and Ontario’s power grid, from cyber threats.

Understand what perpetrators are after 

In today’s ever-changing geopolitical climate, LDCs have become potential trophies for cybercriminals who want to disrupt systems, create chaos and reap personal benefits in the process. As a result, there is a growing trend towards cyberattack campaigns led by special interest groups, terrorists, nation states and hacking groups.

Some of these groups could be targeting your customers’ information—such as payment details, names, passwords and phone numbers—which they intend to sell on the black market. Others may be looking for ways to disrupt Ontario’s entire power network by overloading unprotected systems.

An LDC’s first order of operation should be to conduct a thorough and complete cyber risk assessment. This involves taking time to research prevalent cyber threats targeting LDCs in Canada and across the world. From there, you should work to identify your crown jewels—or the critical systems and data a cybercriminal would most likely be after. Given that it’s impossible to protect every aspect of your operation, this list will be a good starting point in guiding your cybersecurity efforts.

Create a breach response strategy

With the high volume of malicious cyber actors—and the pervasiveness of cyberattacks—it’s very likely that, at some point, your LDC will be the subject of a cyber breach. When that day arrives, it’s critical that the breach is detected and thwarted as swiftly as possible.

To effectively mitigate the risk of a serious cyberattack, it’s essential to prepare a breach response strategy in advance that will allow you to anticipate things that could go wrong.

The first step in creating a strategy is to determine what will happen if a breach is detected. Will you have an internal team in place to launch an investigation or will you call a third party in to handle it? Whichever option you choose, it’s essential to have well-defined processes in place for your team to follow. When a breach occurs, you want forensics to be able to quickly identify which area of your IT infrastructure has been breached, determine what needs to be done to stop it and ultimately track down the perpetrator.

This means you’ll need prior knowledge of your systems and access to a map of your IT infrastructure. This map should outline and properly document all your existing servers, routers and firewalls, among other things. You can also include information about where your organization stores its crown jewels and any vulnerable points of entry. Lastly, take steps ahead of time to make sure your IT logs are properly maintained—meaning they’re turned on and have sufficient capacity to record the information needed to trace a breach.

Broaden your perspective

Modernizing your cybersecurity infrastructure will undoubtedly come with increased costs. Many small and large LDCs in North America have already started leveraging emerging technologies like machine learning (ML) and artificial intelligence (AI) in other areas of operations, as part of their digital transformation strategic initiatives. Using innovation and leveraging new technologies can also be effective in improving the security posture of your organization, as well as helping to realize substantial savings.

To achieve optimum efficiency, however, CEOs, CIOs and CFOs must take a holistic approach to their organization’s modernization efforts—and craft a digital transformation strategy that includes cybersecurity. This is particularly salient if you're considering investing in new technologies to improve operational functions—such as load forecasting, demand management, predictive maintenance or customer insights and analytics. In this case, it makes sense to incorporate cybersecurity features into the overall enterprise design efforts of your digital transformation programs. Not only will this leverage the investments you're making to modernize your organization, but it can also help you achieve cost savings while simultaneously improving the organization's risk profile.

Help, when you need it

While cybersecurity can be an intimidating topic for many LDCs, it should be treated like any other business risk. By taking time to conduct a risk assessment, implement a breach plan and integrate cybersecurity into your organizational modernization efforts, you’ll be able to affordably defend the critical areas of your business—and the Ontario power grid as a whole.

To learn more about how Grant Thornton LLP can help you with Cybersecurity Assessment, Remediation and Response Services, please contact us.