Here are some key take-aways for US grid operators and utility companies to consider:
Really for all of these organizations, do your due diligence. Understand what your really critical elements are of your organization that would be your worst-case scenario. And then once you know what your worst-case scenario is, then you can defend that. Build the plan according to our ransomware playbook, have the backups in place, and have the strong measures in place.
Constant, effective monitoring and alerting is key to early detection of a cyber incident and an effective response/recovery:
"The utility's computer systems were breached by ransomware hackers on March 19, but Nova Scotia Power did not discover it until April 25. The company disclosed the cybersecurity incident three days after that."