Many factors have led to the new range of security challenges faced by electrical substations today. The adoption of new technologies – such as transmission control protocol/internet protocol (TCP/IP)-based technologies for both substation automation networks and wide area network (WAN) communications between substations – has opened these networks up to more cyber threats. A good cyber security policy, however, is a simple first step to maintaining the reliability and the safety of substation and grid operations.
Cyber security is often used to describe protection against online attacks, but a more holistic view of cyber security involves a collection of measures adopted to prevent unauthorized use, malicious use, denial of use, or modification of information, facts, data or resources. Cyber security not only refers to intentional attacks from outside the network, but also internal issues and unintentional modifications of information.
With both internal and external threat sources in mind, it is important to establish preventative processes for any issue that could lead to network downtime. These measures could include devices, configurations, internal security policies, and employee and contractor training. And since it’s not realistic to assume all threats can be prevented 100 percent of the time, recovery strategies after issues occur are also critical to protect network uptime.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program