Here's Why IoT Security Is Crucial for Utilities

Here's Why IoT Security Is Crucial for Utilities

By Energy CIO Insights | Friday, January 17, 2020

The proliferation of IoT is crucial for data analysis and decision-making; however, it poses a risk to the security of the devices.

FREMONT, CA: The Internet of Things is transforming the energy industry as the functions that once required, manual labor or onsite supervision are being fully automated. For instance, an oil refinery may use IoT sensors to alert the staff when on equipment failure. The devices can collect data such as the temperature or the flow of the oil and further analyze performance data to improve efficiency. Despite the benefits, IoT devices pose a significant security risk to the utility sector. On an average, energy companies invest seven percent of their budget on implementing IoT devices but spend only one percent on securing the devices, according to a joint study by IBM and Oxford Economics. The study also found that companies have adequate knowledge and resources to take precautions. In 2015 Russian hackers hijacked a Ukrainian power grid, and again in 2018, Russia hacked the U.S. power grid. Experts also believe that energy and utility assets are significant targets of hackers.

According to a report by SANS Institute, 60 percent of security practitioners believe that industrial control systems face high threats. In the meantime, the number of IoT devices will increase up to 180 million by 2020 as compared to 50 million devices in 2014. The increase in devices will lead to a rise in the vulnerability of all types of systems. For instance, an oil refinery uses connected devices to control hundreds of valves. Owing to the IoT devices, the facility is vulnerable to hacks, which can start a fire that can result in injuries or environmental damage. The hackers target supervisory control and data acquisition networks which are connected to the internet without proper security precautions. 

To prepare for potential trouble, companies need a coordinated game plan. The companies must not falter in encrypting all the communication endpoints and sensors to the edge and then to the cloud. Recently, companies are also using authentication technology to ensure that only approved users gain access to IoT networks and related systems. One of the most common strategies is to adopt anti-virus software to protect against the latest malware. Apart from these basic practices, companies can also undergo third-party vulnerability assessments and fix the weak spots.



Weekly Brief

Read Also