Today, there are no shortage of experts or headlines that tout artificial intelligence (AI), Internet of Things (IoT), blockchain, and grid edge technologies as the key to building an electric grid that is distributed, consumer-centric, and more resilient than our current electric grid. However, the fact remains that policy makers, regulators, and the utility industry must first address the cybersecurity risks that come with a 21st century grid that will become increasingly more data-centric than electron-centric. Our recent survey of 140 North American electric utilities found that 88% of respondents expected cyberattacks to increase in the next 2 to 3 years.

“When I think about the threat of cyber and physical terrorism to our infrastructure, I really think about it in the context of the existential threat that nation states in particular or a very well organized splinter group could try and take down the electricity grid and really interfere with American commerce and our fundamental way of life.” – Tom Fanning ( watch here)

Ninety-five percent of the utilities in the survey indicated they felt prepared to handle the cybersecurity needs of Grid Modernization technologies. Cybersecurity concerns were cited the most among advanced distribution automation, cloud solutions, AMI meters, IoT, and DER integration (see graphic below).

Source: Zpryme infographic: The State of Cybersecurity & Compliance for Utility Real-Time Operations 

2018 Cybersecurity Trends

Given the increased focus on cybersecurity in the electric industry, we see five trends that will impact Grid Modernization efforts in 2018.

  1. White Hats Unite: As hacker sophistication increases, the electric industry must also evolve it’s cyber defense capabilities. In 2018, the utility industry will rapidly recruit hackers to detect and enable faster response times to cyber attacks.
  2. End-to-end detection and response: Detection and response will become an enterprise wide effort. Management and employees at all levels of the organization will be used to defend and respond to cyber attacks. This will entail rigorous PR and communication planning to inform staff how to proactively engage with the media and social media once a breach has occurred.
  3. Rise of the Chief Information Security Officer (CISO): In 2018, this c-level position will become a key position at utilities deploying advanced grid technologies. The CISO will be held accountable to defend and respond rapidly to cyber attacks
  4. Data and Access Prioritization: Utilities will assess and rank the value of their systems and technologies based upon the value (of the data) to potential threats. In addition, stricter user access protocols will be used to limit access to critical systems.
  5. Organized Electric Grid Hacker Groups to Form: Driven by political ideology, 2018 will see the coming of hackers attacking the grid for political motives. The current political climate has created an opening for hackers to quickly claim a “victory” by disrupting the U.S. electric grid.