The energy grid must be designed, managed, and protected with security and resiliency in mind. When the energy sector takes the approach of resiliency, it shows they will not let their guards down. They will always assume threats will come and stay ahead of them by putting processes in place to secure the interconnected network that makes up the energy grid. Reliability and business continuity are critical in this industry.
As such, it's no surprise that physical security and cybersecurity are becoming more interdependent in the energy sector. That's because physical security is an important facet of cybersecurity. Protecting computers and other systems would be impossible when a hacker gains physical access to equipment.
That's why companies need to harden their assets, improve situational awareness, respond to human threats, and mitigate risk. So, securing the energy sector will require the convergence of physical security and cybersecurity. First, it's important to know that convergence is a formal cooperation of two separate security functions.
Before taking an interdependent or convergence approach to security, companies viewed physical security and cybersecurity as separate entities with its own experts and functions. Any company in the energy sector that wants to ensure security and resilience should not treat these as separate departments. Rather, they need to be integrated for holistic security management.
The security of the energy grid requires fortifying its interconnected network at the physical and digital levels. To achieve this, the energy sector needs a security framework built on multiple layers of security that incorporate remote video surveillance with monitoring.
The energy sector is an attractive target for an attack because even a small one could cause damage of epic proportions. The following are five areas of vulnerability that are highly susceptible to risks related to physical security.
Energy is generated at plants that tend to be located in rural areas and usually consist of multiple buildings. If something happens, it may be hard to find the exact location of where it's happening to mitigate the situation.
Energy transmission occurs in these substations that are often found in rural areas. Each substation exposes many of its components because they require heat transfer into the air to maintain normal operation. They may also require access for maintenance activities. Unfortunately, it makes these assets easy targets for ballistic attacks.
To ensure smooth, continuity of energy transmission without incidents, the substation equipment needs to tolerate extreme weather conditions, dust, humidity, fog, and low light. Companies in the energy sector tend to use and deploy IP- and NEMA-rated equipment. These resist physical liquid and solid ingresses.
An IP-68 rating is considered dust-tight. This means it can withstand submersion of 1 meter or greater. A NEMA rating indicates the level of corrosion protection, as well as protection of the construction of the enclosure. NEMA 4X-rated equipment is considered watertight.
Barriers such as fences and gates can help protect assets. However, they don't prevent trespassers from walking onto or gaining access to substation properties, equipment, and other assets.
This is the hardest to physically secure and protect. Its components — towers, transformers, substations, and transmission lines — are all over the place. It's more challenging to catch intruders due to the wide distribution of these components that make them very vulnerable to attacks.
If a crook tampers with the HV transformer, it will be difficult to find and buy replacement parts. The company may have to try to repair the damage or else it can lose a lot of time in seeking a replacement. Power outages can last for hours or days. Moreover, when HV transformers erupt, they can produce a fireball that could start a fire, causing more damage. This scenario could be an accident or the result of bad acts.
The electric system started with separate plants that served its customers. From there, it expanded to link multiple generating plants and eventually the creation of an interregional grid system. Thus, delivering continuous, uninterrupted services requires stations to be secured against deliberate or accidental damage to the equipment in the grid.
Many threats can hit any of these five areas and bring the grid down to a screeching halt. The energy sector needs security that can deter hackers from gaining access to data and holding it hostage for ransom. Terrorists may target the energy grid to use it as a weapon with devastating effects on society.
Another problem spot for the energy sector is the theft of metals, especially copper. According to CNBC, copper prices have soared by more than 30% in 2021. Organized crime gangs look for copper wherever they can. The theft of copper could disrupt the service.
Newer security methods can help deter crime and vandalism, protect the public, and reduce the company's liability if anyone gets hurt on the property. There's a solution that meets the definition of R5 5.1 from CIP-014-2: "Resiliency or security measures designed to collectively deter, detect, delay, assess, communicate and respond to potential physical threats/vulnerabilities ..."
Before diving into this, it's important to state that no one single security solution works alone. The best security systems contain multiple layers. Video surveillance with monitoring can close many gaps and works with other layers.
Here's how Stealth Monitoring R5 5.1 solution consisting of remote video surveillance with advanced analytics and human monitoring works to help protect the dispersed energy grid.
Back to the discussion on the convergence of physical security and cybersecurity. Effective security solutions must target cyber-physical threats to help ensure the energy grid doesn't go offline. It's critical to customize the security solution for every station and the location of all related components. Cameras can be everywhere.
Unlike other security solutions, video surveillance with monitoring takes a proactive approach to security. It can and has deterred crime and prevented property damage before it can escalate into unacceptable outcomes, such as power outages, the cost of replacing expensive parts, shutting down other critical infrastructures, and customer frustration.
The energy sector requires a unique security solution because of how it's set up. What works for other industries will not work for energy. Therefore, the first thing you want to do is find security vendors with experience in the energy sector. The safety of your employees, visitors, and grid depends on it.
As you research remote video surveillance systems with monitoring, you'll want to find a solution that consists of high-quality security cameras that combine advanced video analytics and trained human monitoring operators. The partnership between video analytics and trained monitoring operators can increase the chance of catching something suspicious before anything happens. This is vital to help ensure the energy grid continuously functions.
With the right video surveillance technology, you could see a fast return on your investment. To learn more about remote video surveillance and how it helps protect your energy grid, check out the guide to Remote Video Surveillance: More Than Just Catching Criminals. For a customized security plan for the energy sector that maximizes your ROI, contact us.