Cybersecurity of the smart grids follow a perimeter method which makes the infrastructure vulnerable to attacks. How can an internal security be availed for the smart grids is elaborated.
FREMONT, CA: Smart grids are a crucial resource to the state as well as public, making it susceptible to cyber attacks. All security systems to date have had cybersecurity strategies focused on the perimeter. The smart grid is a national asset and is the most substantial investment of the DSO (Distribution System Operator), which is relied upon by the mission-critical and life-saving services. By meeting the objectives, the smart grid creates numerous points of entry from where the cyber-criminals can attack.
In the recent inspection by the Information and Communications Technology (ICT) industry, it was proven that only perimeter defense is insufficient. A perimeter comprises ICT, processes, and people. Even if the ICT sector achieves high theoretical protection, the processes and people are the ones who create loopholes, which the cybercriminals use to attack.
The latest cybersecurity solutions are a collective of defense in detail with the idea that the security will eventually be breached. It suggests that the detection and response when combined with protection, it is possible to build a comprehensive defense.
With the smart grid being immensely complex, the upgrade of the perimeter to the most modern standards may result in being disruptive and time-consuming while applying in response to the new mechanisms of attack. In reality, the attacker is always the initiator, and the technology will create a lag in the deployment of a solution across national infrastructures.
Assuming if the smart grid was a house, the perimeter solution would mean to change the locks every week.
A concept incorporated in several SIEM (Security Information and Event Management) systems is a correlation of large quantities of isolated and false positive events against a varied set of contextual area. The challenge being the focus of ICT SIEMS is laid entirely on infrastructure and do not contain the built-in understanding of smart grids to make sense of specific data to context.
With such SIEM deployed, the DSO can increase the rate of self-defense without depending solely on the perimeter. The DSOs with a similar system will be much less susceptible to attack, theft of information, infrastructure theft, and may also result in a reduction of lower corporate insurance premiums. Consumers are subjected to lower vulnerabilities concerning publication or leak of personal information.