Why energy organisations must choose the right cybersecurity partner to reduce cyber-related risks

Sinister image of hand poised at keyboard for cyber-attack (cybercrime index)
Image: Shutterstock

By Paul Wilson, chief technology officer, Blue Connections IT

Australia’s energy sector faces growing cyber threats, with the nation’s critical infrastructure (CI) severely vulnerable to sophisticated threat actors looking to cause irreparable harm. An attack on an energy organisation can cause power outages, disruption of oil and gas production, and even shut down entire facilities, leading to service interruptions, major financial losses, and potential safety hazards.

In 2022, the Australian Cyber Security Centre (ACSC) reported that an Australian energy provider(1) was breached by multiple actors, including state-sponsored and criminal entities, after the ACSC’s Cyber Hygiene Improvement Programs (CHIPs) (2) contacted the company, notifying it of potentially vulnerable software on its internet-facing servers. Fortunately, the swift response from the energy provider, along with strong network segmentation, was enough to contain the compromise.

However, the cyber threat faced by CI operators is rapidly evolving and will lead to catastrophic consequences, affecting essential services and national security, if not addressed. When it comes to managing the rising threats posed by cyberattackers, most energy organisations know that they must enhance their cybersecurity measures. However, determining the most effective way to do so presents a significant challenge. In response, many are exploring the option of partnering with a managed security services provider (MSSP) for assistance.

Related article: Cyber ‘year in review’ highlights grid vulnerabilities

Partnering with an MSSP provides organisations with additional capabilities and benefits, including:

Access to specialised skillsets

Specialised cybersecurity skills are hard to come by. Australia is currently experiencing a critical skills shortage across the IT sector, with cyber skills particularly in short supply. In addition, building and maintaining an in-house security team with the necessary expertise for a robust cybersecurity practice involves substantial costs and resources, making it an almost impractical and expensive undertaking for many companies in the energy sector. Instead, energy organisations should look outside the box for a solution. MSSPs specialise in cybersecurity and have a dedicated team of experienced professionals with deep knowledge and expertise in protecting businesses against evolving cyber threats. They typically offer real-time threat intelligence and cyber skills at a fraction of the cost of building a dedicated security team in-house.

Lower costs

Cybersecurity is expensive. In addition to attracting and retaining a highly experienced team of cyber experts, there are costs associated with maintaining and updating cybersecurity products while providing around-the-clock support, proactive monitoring, and quick reaction times for cyberthreats. And, with so many security products designed to protect certain environments and platforms, these costs can add up. Unfortunately, this is something most energy organisations can’t afford to pay for.

An MSSP, on the other hand, can help lower these costs by providing access to the requisite 24/7 support, proactive monitoring, and rapid reaction times that companies need, while also delivering specialised expertise, advanced infrastructure, scalability, and assistance with compliance. This helps businesses avoid the expense of building an in-house team, the cost of continuous training, incident response fees, non-compliance penalties, and more.

Automated tools

Internal IT teams are often spread thin across multiple IT-related tasks and projects and don’t always have the bandwidth or resources they need to manage cybersecurity on top of their existing responsibilities. Failing to adequately manage and monitor security opens the door to vulnerabilities that can be exploited by threat actors of all kinds. Rather than relying on internal IT teams to monitor security around the clock, an MSSP team can notify the organisation if a breach occurs while simultaneously taking immediate action to resolve the issue. This proactive approach significantly reduces the time it takes to discover and address potentially catastrophic cyberattacks, enhancing the overall incident response capabilities of the company.

Access to scalability

In-house maintenance and support of cybersecurity technology can strain budgets, especially if a business is experiencing, or planning for, growth. Partnering with an MSSP gives organisations access to cutting-edge security products that facilitate business scalability without breaking the bank. MSSPs have robust and scalable infrastructure that includes hardware, software, and security tools. They stay up to date with the latest security products, ensuring energy companies have the flexibility to pursue growth goals while maintaining a strong and adaptable cybersecurity framework.

Related article: Customer details exposed in EnergyAustralia cyberattack

Operational technology (OT) expertise

As the sector continues to integrate advanced technologies like Internet of Things (IoT) and industrial control systems (ICS), the convergence of IT and OT becomes of paramount importance. Energy providers should prioritise partnering with an MSSP with an in-depth understanding of the intricacies of OT and that offers specialised services tailored to the unique needs of energy facilities. An MSSP with a focus on OT can provide specific threat intelligence, cybersecurity expertise, incident response and recovery capabilities, and guidance on compliance with OT standards and regulations.

An attack on CI in the energy sector can inflict devastating damage, hindering the activity of power stations and obstructing the provision of electricity to potentially millions of Australians. Without the resources to adeptly defend their infrastructure, energy providers are at risk of experiencing a major disruption to their essential services through attacks that have already succeeded in causing temporary, large-scale power outages.

MSSPs provide a viable alternative by offering a range of cybersecurity services to help businesses enhance their security posture and improve their cyber resilience. Partnering with the right MSSP lets energy organisations tap into the expertise of a qualified and experienced security team offering real-time threat intelligence and cybersecurity expertise at a significantly lower cost compared to establishing an in-house security team. With energy providers being a prime target for threat actors, having the appropriate support—in the form of an experienced, dependable MSSP—is more crucial now than ever in ensuring robust cybersecurity measures.

References:
(1) https://www.cyber.gov.au/about-us/reports-and-statistics/acsc-annual-cyber-threat-report-july-2021-june-2022
(2) https://www.cyber.gov.au/about-us/news/acscncsc-collaboration-strengthen-cyber-security-posture#:~:text=The%20ACSC%20runs%20Cyber%20Hygiene,as%20guide%20urgent%20remediation%20work

 

Previous article$375m Derby Tidal Power Project hits the skids
Next articleEndeavour launches Bungarribee community battery trial