Below is a complete example of a hot topic update from the PracticeView monitoring service. It includes background information, client discussion points, and resources and commentary which can be used by your firm and its professionals to stimulate discussions with clients and/or prospects. Click here to learn more or subscribe to PracticeView.
Background
A smart grid adds monitoring, analysis, control, and communication capabilities to the electricity supply chain. This promotes efficient and economic energy usage by informing the customer exactly how much electricity they are using on a real-time basis. As electricity providers transition to a smart grid system, they will be better able to optimize the operation of the entire electrical grid. Maintaining the security of this infrastructure is the next hurdle that electric companies are beginning to face – as data is collected, there are increasing concerns as to how that data will be used, how it will be stored, and how it will be secured.
A security breach can result not only in data loss or service disruption; it can result in financial losses, intellectual property theft, fraud, and reputational damage. Electric companies need to be proactive in the protection of their smart grid, reducing the risk of unauthorized access and the misuse of the smart grid and its capabilities.
Implications
To best protect their company, electricity providers must become familiar with traditional and emerging threats to cyber security. They must become familiar with indicators of security breaches and whether systems have been compromised. As these breaches are identified and resolved, a security assessment should be conducted to confirm resolution and to ensure protection against future threats. Companies must take an aggressive stance against cyber security threats by:
- establishing security policies that are continually evolving
- identity and access management
- evaluating threats and vulnerabilities
- regular testing for compliance with security regulations
- virus and intrusion detection
- education and awareness
- reviewing incident responses
Client Discussion Points
- Are electricity providers familiar with emerging threats to cyber security?
- How frequently are security assessments schedule to identify and resolve system compromise?
- What security policies are in place to actively manage cyber risks?
- Are virus and intrusion detection programs up to date?
- How are responses to incidents evaluated for continuing improvement?
Resources & Commentary
- PwC: Getting Real About Cyber Threats: Where Are You Headed?
- Navigant: Paths to Smart Grid Interoperability
- Ernst & Young: Turn Risks and Opportunities into Results: Exploring the Top 10 Risks and Opportunities for Global Organizations
- VPR News: Privacy Issues Raised By Smart Grid Technology
- Grant Thornton: The State of the Industry – Technology, Opportunity and Regulatory Change
Click here to learn more or subscribe to PracticeView.
