Report Examines Cybersecurity Spending for Smart Grid
August 15, 2017
[ back ] [ comment ]
Electric power systems around the globe are undergoing a radical evolution during the
21st century and are increasingly embracing transformative concepts like decentralization,
automation, and digitization. This paradigm shift has led to the deployment of billions of
networked sensing devices and a continued expansion of communications networking
outwards to the grid edge. While this transition has led to unprecedented visibility and
control for utility operators, it has also greatly expanded the potential surface area for cyber
attack. Additionally, the exponential growth in the number of attacks and threat actors is
shaping a business environment in which the question utilities now face is when an
incident will occur -- not if.
Cybersecurity threats pose a unique challenge for utilities due to their lack of predictability.
Unlike outage events related to weather or asset depreciation, which can be predicted by
utilizing historical data or advanced management and forecasting systems, utilities cannot
foresee cyber attacks with any level of accuracy. While large-scale attacks have been
limited to date, the hack on the Ukrainian power grid in December 2015 and the more
recent WannaCry ransomware attack are motivating utilities to expand beyond traditional,
compliance-based management practices and begin actively addressing cybersecurity.
The potential effects of a well-coordinated cyber attack on utility operations could be
particularly devastating for the frequently targeted energy sector-due to cascading
failures and the nature of IT and industrial control system (ICS) networks. The smart grid
cybersecurity landscape is constantly evolving, and staying up-to-date in terms of
awareness, recognition, enterprisewide planning, and implementation is more important
than ever in an environment beholden to reliability, efficiency, and customer experience.
Defense measures are slow moving and often trail the more innovative methods of attack.
Effective response strategies to these attacks have been hindered by factors such as low
levels of information sharing, lack of sufficient IT resources, and insufficient regulation,
While barriers remain, utilities are increasingly looking toward the bigger picture and are
realizing the need for more comprehensive cybersecurity strategies. Moving beyond oneoff,
point-to-point solutions and
devices continue to mature.
Key Technologies for Smart Grid Cybersecurity
The ongoing digitization of utility operations is largely a function of smart grid technology
deployments; these provide the basis for this study and accompanying market forecasts.
This report assesses the threats and vulnerabilities that accompany smart grid
technologies, resulting in a list of most likely cybersecurity investments:
- Antivirus software Application whitelisting
- Business continuity planning (BCP) Change management
- Compliance assurance Cyber forensics
- Data diodes Defense-in-depth security
- Device-to-device authentication Embedded device security
- Identity and access management Multifactor authentication
- Network and device resilience
- One-way data communication
- Perimeter security devices, such as
firewalls and intrusion detection or
- Redundant or backup
communications routing, using
different physical layers
- Restricted use of removable media Role-based access control (RBAC)
- Ruggedized devices
- Security event logging and
- Security incident response
- Security overlays on legacy systems,
sometimes called bump-in-the-wire
- Situational awareness
- Software patch management,
especially for control networks
- Unidirectional security gateways
- Virtual local area networks (VLANs)
- Virtual private networks (VPNs)
Navigant Research expects the market for smart grid cybersecurity spending to show
robust growth over the forecast period as grid operators respond to increasing security
threats with new waves of investment. Navigant Research expects overall revenue to grow
from approximately $1.8 billion in 2017 to nearly $3.2 billion in 2026 at a compound annual
growth rate (CAGR) of 6.6%.
Please note: By posting a comment, you agree to our Terms & Conditions.