Target, Yahoo!, AT&T, Home Depot, Google, and Apple are six of the most recognizable and successful brands in their respective spaces. What else do they have in common? Each has been a victim of significant cyberattacks. These are attacks that compromise internal systems and potentially expose sensitive customer data. Large consumer-facing retail and tech brands seem the most vulnerable since these breaches are highly public. They’re also hardly the only ones at risk.
Reports show that nearly 950 government agencies, educational establishments, and health care providers had ransomware attacks in 2019 alone. Resulting in costs that exceeded $7.5 billion. In many cases, hackers have demanded, and received, large sums of money. In exchange for files or functionalities lost in the process.
Utility leaders weigh in on cybersecurity
Utility Dive’s annual State of the Electric Utility for 2020 gives an indication of how industry leaders view their own cybersecurity efforts. The report includes an entire section on cybersecurity, demonstrating mixed results. The good news: 84% of participants felt their organization was “fully or mostly prepared” to address cyber threats. On deeper inspection, the report found that these organizations weren’t quite as prepared as they thought.
Nearly 40% of respondents said their executive leadership teams don’t receive regular briefings on risks to the utility’s power system. About one-third said the utility may not be in compliance with critical mandates. The North American Electric Reliability Corporation’s Critical Infrastructure Protection standard. Perhaps the most concerning realization are that less than half of the participants said their organization has procedures in place. Testing the security of third-party systems. As the publication notes, it’s those very systems that are the access points for fraudsters in many attacks.
Related: Accountability is Everyone’s Responsibility
What makes a utility vulnerable?
Utilities are vulnerable to cyberattacks for various reasons. They have an extensive employee network. Many of whom work outside of the office and away from the shield of in-office security. If this data is handed over to the wrong person, it can be potentially ruinous.
Related: Ready to Fix Your Infrastructure?
Three things utilities can do to improve cybersecurity
Seeing what a cyberattack can do to a brand of Apple’s size and scale should be motivation for utilities to take meaningful actions to improve their cybersecurity. Although there are a number of tactics a utility can take, here are three must-dos.
The first is to perform a vulnerability assessment that closely analyzes the utility’s existing network, and looks for areas that may be weak or susceptible to scammers. Next, you’ll need to create a plan. A plan that addresses vulnerabilities and outlines the steps to take to ensure new weaknesses are taken care of. Lastly, all utilities must become fully invested in cybersecurity. This level of buy-in includes dedicating resources that include hiring and retaining the right people and aligning with the right vendors who can aid in the fight against cyber attacks.
Parting thoughts on cybersecurity in the utility industry
These kinds of cyberattacks threaten the core of what utilities offer their customers. In most cases, it offers customers a product or service that’s essential for daily living. Customers expect that the brands they trust will handle their data with care. A cyberattack can destroy customers’ trust in both aspects.
The utility industry has grown tremendously in its defense of cyberattacks. While there does appear to be some strong optimism about the future, more work remains. So long as utilities are committed to doing what’s right for their systems and their customers.
At Utility Partners of America (UPA), we understand the importance of protecting your customers’ data. That’s why we’ve developed a cloud-based field service software solution that integrates strict security features to keep your company ahead of data threats. Interested in learning more about how we can keep your customers’ data safe? Contact us today!