Top of mind for most electric utilities now is how to adopt clean energy sources without sacrificing resilience, reliability, security and regulatory compliance. Addressing the first concern obviously requires that you also accommodate rapidly proliferating clean distributed energy resources for prosumers as well as migrate to clean generation at your power sources.
Solar primarily is supplanting coal and oil at the source, and solar and batteries are supplementing them at customer locations.
Of course, to improve service and spin out value-added revenue sources, you are installing smart meters wherever possible. Meanwhile, the pandemic forced many of your employees to go remote, so it appears that post-Covid work environments will remain largely hybrid. The supply chain crisis also pointed up the need for you to have better visibility into your supply chain. You now must not only use track-and-trace technology but also assess suppliers’ integrity, to ensure that they practice adequate security and that they are not bad actors who might ship you individual devices with built-in capabilities to operate, say, like a Trojan horse to populate your infrastructure with malware. Policy and competitive pressures, of course, are driving you to digitally transform and migrate more resources to the cloud to become agile.
Every aspect of your business and operations is changing. How will you adapt? Just as importantly, as your threat surface expands in every direction at once across employees, customers and suppliers, how will you secure your source-to-serve infrastructure as you adapt?
Feeling overwhelmed? You have every right to be.
That’s why outsourcing security to a managed services provider is often the solution for a utility in transition -- or should we say in crisis?
Your Options
There are two types of managed service providers for security.
Managed Security Service Providers (MSSPs) are tech-only providers whose main function is guarding your threat exposure by monitoring access routes in your infrastructure via automated means to prevent breaches. They offer a generic solution. For instance, they monitor firewalls and web gateways, supply antivirus software and do intrusion prevention. MSSPs ideally prevent breaches by monitoring line-of-business apps during, say, peak hours. If there’s an incident, your staff, not theirs, will have to respond to it. MSSPs have basic forensic tools for collecting data about the breach or analyzing the software that initiated the attack to see how it did it -- but after the breach, or in security parlance, “post-BOOM.”
Managed Demand Response providers (MDRs) provide tech-based monitoring and detection, too, but they also respond to breaches. MDRs supplement their tech methods with cybersecurity staff who can respond posthaste to secure a breach. They can also provide professional services that will team with you to customize your security solution. MDRs monitor more of your infrastructure than MSSPs and do it round-the-clock. They also have more, and more advanced, forensic tools than their brethren, so they can do deep analysis of infrastructure, from smartphones and hard drives to operating systems from different vendors to networks. Because they detect and respond almost instantaneously, MDRs provide “pre- and post-BOOM” forensics. “Pre” because the breach is addressed so quickly that damage is preempted, but in strict terms the solution happens after the attack.
Best Fit
SMB electric utilities with relatively smaller, simpler infrastructure looking for a relatively affordable solution are well-served by MSSPs, as long as the MSSP can guarantee your regulatory compliance. Larger electric utilities with deeper pockets but constrained personnel, and with infrastructure of greater complexity and sprawl and more potential vulnerabilities, should consider deep solutions from MDRs.
In any case, you know security is never one-and-done – you are never impregnable, or not for long. Technology changes so fast now that state-of-the-art is always what tech was yesterday -- a dated condition. Renting security services from specialists is almost always cheaper and better than building them yourself. Unlike you, that’s all they do, so they have to be good at it. You know a serious breach will cost you millions to fix – not to mention the harm done to your reputation from, say, a major blackout. Paying thousands in rent a month to avert millions in losses in a minute? The math is pretty clear. So why chance it?