The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

Post

Why Use A Managed Service Provider For Security?

image credit: © Borka Kiss | Dreamstime.com
John  Harney's picture
President SaaSWatch

I run a SaaS, AI, Content and Cloud consulting and editorial firm focused on, among other verticals, energy, and especially electric utilities. I am focused on data-driven tech and processes so I...

  • Member since 2022
  • 7 items added with 1,778 views
  • Apr 27, 2022
  • 1107 views

This item is part of the Cybersecurity - April 2022 SPECIAL ISSUE, click here for more

Top of mind for most electric utilities now is how to adopt clean energy sources without sacrificing resilience, reliability, security and regulatory compliance. Addressing the first concern obviously requires that you also accommodate rapidly proliferating clean distributed energy resources for prosumers as well as migrate to clean generation at your power sources.

Solar primarily is supplanting coal and oil at the source, and solar and batteries are supplementing them at customer locations.

Your access to Member Features is limited.

Of course, to improve service and spin out value-added revenue sources, you are installing smart meters wherever possible. Meanwhile, the pandemic forced many of your employees to go remote, so it appears that post-Covid work environments will remain largely hybrid. The supply chain crisis also pointed up the need for you to have better visibility into your supply chain. You now not only must use track-and-trace technology, but you also must assess suppliers’ integrity to ensure suppliers practice adequate security and that they are not bad actors who might ship you individual devices with built-in capabilities to operate, say, like a trojan horse to populate your infrastructure with malware. Policy and competitive pressures, of course, are driving you to digitally transform and migrate more resources to the cloud to become agile.

Every aspect of your business and operations is changing. How will you adapt? As importantly, as your threat surface expands all ways at once across employees, customers and suppliers, how will you secure your source-to-serve infrastructure as you adapt?

Feeling overwhelmed? You have every right to be. 

That’s why outsourcing security to a managed services provider is often the solution for a utility in transition -- or should we say in crisis?

Your Options

There are two types of managed service providers for security.

Managed Security Service Providers (MSSPs) are tech-only providers the main function of which is guarding your threat exposure by monitoring access routes in your infrastructure via automated means to prevent breaches. They offer a generic solution. For instance, they monitor firewalls and web gateways, supply antivirus software and do intrusion prevention. MSSPs ideally prevent breaches by monitoring line of business apps during, say, peak hours. If there’s an incident, your staff, not theirs, will have to respond to it. MSSPs have basic forensic tools for collecting data about the breach or analyzing software initiating the attack to see how it did --  it but after the breach, or in security parlance, “post-BOOM.” 

Managed Demand Response (MDRs) provide tech-based monitoring and detection, too, but they also respond to breaches. MDRs supplement their tech methods with cybersecurity staff who can respond post haste to secure a breach. They can also provide professional services that will team with you to customize your security solution. MDRs monitor more of your infrastructure than MSSPs and do it round-the-clock. They also have more, and more advanced, forensic tools than their brethren, so they can do deep analysis of infrastructure from smart phones and hard drives to operating systems of different vendors to networks. Because they detect and respond almost instantaneously, MDRs provide “pre- and post-BOOM” forensics. “Pre” because the breach is addressed so quickly that damage is preempted, but in strict terms the solution happens after the attack.

Best Fit

SMB electric utilities with relatively smaller, simpler infrastructure looking for a relatively affordable solution are well-served by MSSPs, as long as they can guarantee your regulatory compliance. Larger electric utilities with deeper pockets, but constrained personnel, and infrastructure of greater complexity, sprawl and with more potential vulnerabilities should consider deep solutions from MDRs.

In any case, you know security is never one-and-done – you are never impregnable, or not for long. Technology changes so fast now that state-of-the-art is always what tech was yesterday -- a dated condition. Renting security services from specialists is almost always cheaper and better than building them yourself. Unlike you, that’s all they do, so they have to be good at it. You know a serious breach will cost you millions to fix – not to mention the harm done to your reputation from, say, a major blackout. Paying thousands in rent a month to avert millions of losses in a minute? The math is pretty clear. So why chance it?              

Discussions
Matt Chester's picture
Matt Chester on Apr 27, 2022

SMB electric utilities with relatively smaller, simpler infrastructure looking for a relatively affordable solution are well-served by MSSPs, as long as they can guarantee your regulatory compliance. Larger electric utilities with deeper pockets, but constrained personnel, and infrastructure of greater complexity, sprawl and with more potential vulnerabilities should consider deep solutions from MDRs.

Do you find that utilities are usually well adapted to recognizing the different needs of these different customers and having unique departments/offerings to  handle them? 

John  Harney's picture
John Harney on Apr 27, 2022

Hi Matt

Thanks a bunch for posting my piece. As to your question, I'm not sure what DIFFERENT customers you are referring to. Do you mean prosumers vs consumers? customers of smaller electric utilities vs those of larger utilities? I'm happy to answer but I need clarification. 

John

 

 

Matt Chester's picture
Matt Chester on Apr 27, 2022

Hi John-- I guess I was being more general. Yes, how do best practices vary between customers of smaller utilities vs. larger utilities? Also within a single utility service area, the small business customers vs. the larger business/industrial customers. 

Thanks!

Barry Jones's picture
Barry Jones on May 3, 2022

Good article John. This is an area where entities can leverage specialization and condense services. I agree with you there's a place for MSSPs. Thanks!

John Benson's picture
John Benson on May 9, 2022

Good post, John, especially "In any case, you know security is never one-and-done..."

Using an MSSP, or relying on other third-party service provider can work, but somewhere there need to be a highly experienced, qualified security professional in the loop that is directly responsible for all utility cybersecurity. That person needs to help set up a cross-auditing process to make sure that all third-parties are secure to the extent that they cannot provide a path for a breach into the target utility's IT infrastructure. This especially applies to the utilities primary asset control systems.

-John

 

John  Harney's picture
Thank John for the Post!
Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.
More posts from this member

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »