2012 Utility Cyber Security Survey - Viasat · cyber security survey INTELLIGENCE ... 3 2011. 4...

cyber security survey

INTELLIGENCE BY ZPRYME | ZPRYME.COM | SMARTGRIDRESEARCH.ORG© 2013 ZPRYME RESEARCH & CONSULTING, LLC. ALL RIGHTS RESERVED.

SPONSORED BY JANUARY 2013

1 www.zpryme.com | www.smartgridresearch.org | www.viasat.com ViaSat Presents: Utility Cybersecurity Study | January 2013

Copyright © 2013 Zpryme Research & Consulting, LLC All rights reserved.

Table of Contents

Executive Summary .................................................................................... 2

About This Report ....................................................................................... 2

Methodology .............................................................................................. 2

Major Findings ............................................................................................. 2

Cybersecurity Survey Implications and Recommendations .................. 4

Market Implications .................................................................................... 4

Recommendations .................................................................................... 5

Conclusions ................................................................................................. 5

Survey Respondent Characteristics .......................................................... 7

Organization Size ........................................................................................ 7

Title Within Organization ............................................................................ 7

Industry Type ................................................................................................ 8

Utility Type .................................................................................................... 8

Cybersecurity Survey Detailed Findings ................................................... 9

Priority of Automation Security Real-time systems for Utilities .............. 9

Least Secure Segment of the Electrical Grid ......................................... 9

Overall Security of Electrical Networks in the U.S. ............................... 10

Expected Cyberattacks on U.S. Utilities in 2013 ................................... 10

Concern for Potential Cyber and Network Attacks ........................... 11

Major Risks Associated with Cyberattacks ........................................... 11

Benefits of Secure Automation Technology ........................................ 12

Expected Cybersecurity Investments in 2013 ...................................... 12

Roles Standards Play in Security Automation....................................... 13

Security Automation Demand by Technology .................................... 13

Technologies Most Vulnerable to Cyberattacks ................................. 14

Annual Utility Cybersecurity Budget ...................................................... 14

Decision Making about Cybersecurity .................................................. 15

Real-Time Overlay for Visualization of Security Status ........................ 15

Scalable Security “Dashboard” for Monitoring Security Status ......... 16

Cyber Securitity Importance to Ensure Reliability and Resilience .... 16

Providers of Cyberattacks Solutions ...................................................... 17

IT-based Security – Securing the Electrical Grid .................................. 17

Need for Cybersecurity Legislation ....................................................... 18

Zpryme Outlook ........................................................................................ 19



Executive Summary

A hacker wearing a fake beard and dark sunglasses took

the stage at a computer security conference in Miami,

Florida this month and showed a group of about 60

security researchers how to intercept smart grid radio

communications.1

“If you can understand the way these systems speak to

one another, the potential to hack them is very real.”

- Atlas, January 17, 2013

Building the utility of the future is expected to yield

numerous benefits such as lower power losses, cleaner

power, lower electricity bills, and a healthier environment.

In fact, Smart Grid investments to date have been largely

in technologies that can yield these benefits. However,

the consequences of not securing a digital grid

connecting billions of devices such as smart meters,

electric vehicles, sensors, intelligent electronic devices,

transformers, smart phones, and home energy monitoring

systems are just now being seriously discussed. Simply put,

Smart Grid rollouts across the globe provide more “entry

ways” for potential hackers or cyberattacks to cause

electrical disturbances.

Utilities, global utility conglomerates, niche solution

providers, government stakeholders, and security experts

across the globe are working tirelessly to develop

standards, protocols, and system architectures that

address Smart Grid cybersecurity. To assist in this effort,

1 http://bits.blogs.nytimes.com/2013/01/17/a-hacker-says-smart-grid-can-be-

penetrated/

Zpryme‟s Smart Grid Insights and ViaSat have set out to

address several issues around utility cybersecurity, and

identify vulnerable parts of electrical systems and

networks.

Overall, the major findings in this report show that utilities

are becoming increasingly cognizant of credible threats to

their electrical systems and networks. More importantly,

utilities are now prepared to install cybersecurity systems

that can identify, isolate, and mitigate attacks to prevent

catastrophic system disturbances.

About This Report

The purpose of this report is to assess the overall

cybersecurity threat faced by utilities, and identify the key

benefits of cybersecurity investments. Additionally, this

report identifies key budgeting considerations for

cybersecurity, and where these funds are most likely to be

spent. And finally, this report outlines system architectures

or approaches that will best provide grid security. Methodology

Zpryme surveyed 213 Smart Grid and utility professionals in

November of 2012. Respondents were asked 21 questions.

The survey was conducted over the internet.

Major Findings

Nearly half (47%) of the respondents believed

automation security belonged in the top 10% of all

priorities for utilities.



The least secure of an electricity grid‟s components

were the end user segment and the distribution

system; and only 4% of the sample said that U.S.

electricity grids were very secure.

Over half (52%) believed that IT-based solutions

alone were insufficient for securing the electrical

grid.

The most important role that standards play in

implementing security automation technologies was

to ensure interoperability among components.

Seventy-seven percent of the respondents reported

that cyberattacks on U.S. utilities would increase in

2013 with power outages and damage to electricity

control systems being the major impacts.

The top-rated benefit of secure automation

technology was reliable service.

Nearly two-thirds of the sample (65%) said

investments in cybersecurity in 2013 would increase,

with private industry software companies and

system integrators providing the best systems to

thwart cyberattacks.

This sample said the average organization amount

being budgeted for cybersecurity was $1,450,000

annually.

Almost three-fourths (73%) felt that the Cybersecurity

Act of 2012 should have been passed.



Cybersecurity Survey Implications and

Recommendations

The survey results (presented in figures 1 – 21) in this report

offer key insights about how utilities will proceed with

cybersecurity projects in the near future. In this section we

present the major implications of the data, and

recommendations that can assist in advancing

cybersecurity deployments.

Market Implications

Several implications of the survey supplement evidence

from published articles about cybersecurity. Survey

respondents noted that security issues involve the IT sector

as well as operations technology. And there is some

evidence that security spending over the next three years

could be heaviest on equipment protection and

management.2

Although survey data reflected that the end user was less

secure than the distribution system, requiring more security

automation, other evidence suggests that the distribution

system will reap more benefits from security spending than

from an advanced metering system.3 Both, in fact, require

substantial “shoring up” to reduce cyberattack risks.

Further, Pike Research forecasts more investment in smart

grid control systems transmission upgrades, substation

automation, distribution automation than in smart

metering.4

2 Whitney, L. http://news.cnet.com/8301-1009_3-10447430-83.html, 2010. 3 www.pikeresearch.com/research/smart-grid-cyber-security, 2011. 4 Lockhart, B. and Gohn, B. Utility Cybersecurity: Seven Key Smart Grid Security Trends to

Watch in 2012 and Beyond. Pike Research. 2011.

Hackers, terrorists, industrial spies, criminals, and disgruntled

employees are all potential threats to the electrical grid.

There are two major pathways into the electrical grid: the

internet and wireless networks.5 The NIST- published report

in 2010 identified 137 interfaces points of data exchange

within or between smart grid systems and subsystems

where opportunity exists for security breaches.6 A full-

spectrum of security measures is needed to best protect

the electrical grid. Tight security for industrial controls,

physical security such as cameras, badge access, and

perimeter security are all crucial to limit unwanted

access.7

Politics are a consideration for creating and enforcing

cybersecurity standards. Survey respondents supported

the recent Senate-rejected Cybersecurity Act of 2012.

However, some experts are concerned that the division of

responsibility between state and federal regulations

requires clarification.8 Further, evidence implies that

utilities are more concerned about regulatory compliance

than achieving effective cybersecurity.9 Political

uncertainty also impacts utilities‟ willingness to follow

guidelines until they are enforceable.10 And the lack of

enforceability creates a reluctance to invest until laws

have been enacted.

5 Goldman, C. FreeWave Technologies.

www.elp.com/articles/powergrid_international/print/volume-17/, 2012. 6 www.nist.gov/public_affairs/releases/nist-finalizes-initial-set-of-smart-grid-cyber-security-

guidelines, 2010. 7 www.accenture.com/us-en/Pages/insight-critical-infrastructure-protection-smart-grid/,

2012. 8 http://dailycaller.com/2012/07/25/report-utilities-focused-on-regulatory-compliance-

instead-of-cybersecurity/, 2012. 9 Ibid. 10 Lockhart, B. and Gohn, B. Utility Cybersecurity: Seven Key Smart Grid Security Trends to

Watch in 2012 and Beyond. Pike Research. 2011.

http://news.cnet.com/8301-1009_3-10447430-83.html

http://www.pikeresearch.com/research/smart-grid-cyber-security

http://www.elp.com/articles/powergrid_international/print/volume-17/

http://www.nist.gov/public_affairs/releases/nist-finalizes-initial-set-of-smart-grid-cyber-security-guidelines

http://www.nist.gov/public_affairs/releases/nist-finalizes-initial-set-of-smart-grid-cyber-security-guidelines

http://www.accenture.com/us-en/Pages/insight-critical-infrastructure-protection-smart-grid/

http://dailycaller.com/2012/07/25/report-utilities-focused-on-regulatory-compliance-instead-of-cybersecurity/

http://dailycaller.com/2012/07/25/report-utilities-focused-on-regulatory-compliance-instead-of-cybersecurity/



The entire system, IT and operational technology, has to

become the focus for cybersecurity implementation.

When separate system components are secure, this does

not mean that the entire system is safe. A cybersecurity

architecture is needed for a system-level approach.

Recommendations

1. Utilities should strive for real-time situational

intelligence visualization of the security posture of

their operational technology (OT) systems. Attacks

on utility OT systems can easily cause millions of

dollars in damages, and reduce customer

confidence in their electricity provider. Real-time

situational awareness of OT systems gives utilities

actionable data so they can significantly mitigate

any potential threats in a timely manner.

2. Utilities should recognize that threats can originate

both inside and outside the utility‟s systems. For

example, compromised supply chains where

malware is embedded in new equipment or anyone

with access to a utility‟s system can use a simple USB

thumb drive to execute an internal attack.

3. The multiple networks (and silos) across a utility

system make both IT and OT systems vulnerable to

cyberattacks. Multiple networks often have varying

degrees of security and often do not integrate with

one common system, leaving „security gaps‟ that

hackers can easily identify. Thus, utility cybersecurity

systems should enable integration of OT and IT

networks and scale across multiple service territories

and systems.

4. Utilities should work closely together with vendors

that use standards based architecture that will

enable them to implement scalable security systems

that work in a multi-vendor environment.

5. Defense in depth is strongly advocated for

cybersecurity by implementing multiple levels of

security to achieve:

Prevention

Detection

Identification

Mitigation

Threats will continue to evolve, but a multi-layered

approach to security is a critical defensive strategy

6. As new technologies drive OT and IT network

convergence, utilities should establish a specialized

representative or office where security

accountability for all networks is priority one.

Conclusions

Electric utilities are recognized as perhaps the most

fundamental critical infrastructure sector, and thus need

to be protected from the cascading effect of both

physical events and cyberattacks. The drive towards

pervasive automation calls specific attention to the need

for integrated cyber-physical security systems that will

enable the advances in technology to truly deliver on the

promise of improved efficiency, resiliency and reliability.



The Stuxnet cyberattack using a highly sophisticated

computer worm during the summer of 2010 demonstrated

that control networks (i.e., Siemens industrial software-

SCADA) are no longer secure simply because they are

isolated from the electrical network.11 The attack has led

to a critical need to upgrade electrical grid security.

The utility industry will be spending significant money on

cybersecurity (some reports as much as $21 billion by 2015

around the globe).12 Therefore, the security investments

need to be coordinated among all stakeholders to

promote effectiveness across the utility industry.

The aging infrastructure combined with unique regional

needs means each utility provider will have to examine its

own specific security needs to customize a response to

counter potential threats.

11 Lockhart, B. and Gohn, B. Utility Cybersecurity: Seven Key Smart Grid Security Trends to

Watch in 2012 and Beyond. Pike Research. 2011. 12 Whitney, L. http://news.cnet.com/8301-1009_3-10447430-83.html, 2010.

http://news.cnet.com/8301-1009_3-10447430-83.html



Survey Respondent Characteristics

Organization Size

More respondents (45%) were located in organizations

with less than 100 employees than in any other size range.

Other organization size responses were: 101 – 500 (12%),

501 – 1000 (6%), 1001 – 5000 (14%), 5001 – 10,000 (6%), and

those with over 10,000 employees (18%). A sample

average was 2878.

Title Within Organization

The sample was composed of: 36% professional/staff, 31%

executives, 19% management personnel, 2% operations,

and 11% “other.”

Less than 100,

45%

101 – 500, 12%

501 – 1,000, 6%

1,001 – 5,000,

14%

5,001 – 10,000,

6%

Over 10,000,

18%

How many employees are in your organization?

(figure 1, source: Zpryme)

Executive

(CEO, VP,

Director), 31%

Management,

19%

Professional/

staff, 36%

Operations, 2% Other, 11%

What is your title within your organization?




Industry Type

Respondents classified themselves as: a consultant

(business, technical, engineering) (25%); a vendor

(integrator, technology, electrical equipment, etc.) (32%);

a utility employee (24%); a nonprofit organization

employee (4%); a power generation organization

employee (4%); a state/federal government employee

(2%); or from other industries (9%).

Utility Type

The types of utilities where respondents were employed

were: investor-owned utility (41%), municipal (27%),

federal/state owned (15%), and cooperative (11%).

Another 6% said other (than one of these four types).

Nonprofit

organization,

4%

Utility, 24%

Power

generation, 4% Vendor, 32%

Consultant

(business,

technical, or

engineering),

25%

State/federal

government,

2% Other, 9%

What industry are you currently in?


IOU, 41%

Muni, 27%

Coop, 11%

Federal/State

Owned, 15%

Other, 6%

At what type of utility are you employed?




Cybersecurity Survey Detailed Findings

Priority of Automation Security Real-time systems for

Utilities

The respondents believed that automation security was

important for utilities‟ real-time systems and should be

placed in the top 50% of all priorities, with 25% saying top

5%, 22% saying top 10%, 23% saying top 25%, and 29%

saying top 50% of all priorities. In fact, nearly half (47%)

said automation security belonged in the top 10% of all

priorities.

Least Secure Segment of the Electrical Grid

The largest group of respondents (43%) said that the end

user segment was the least secure component of the

electricity grid. The distribution system was next less secure

(38%), with the transmission system (14%) and the

generation system (5%) both lowest security risks. The end

user and distribution system appear most vulnerable to

security threats.

25%

22% 23%

29%

2%

0%

5%

10%

15%

20%

25%

30%

35%

Top 5% of all

priorities

Top 10% of all

priorities

Top 25% of all

priorities

Top 50% of all

priorities

Not a priority

issue at all

What priority should automation security for the real-

time systems have for utilities?


5%

14%

38%

43%

0%

5%

10%

15%

20%

25%

30%

35%

40%

45%

50%

Generation Transmission Distribution End users

When considering the entire electrical grid, what

segment is least secure?




Overall Security of Electrical Networks in the U.S.

When considering electrical networks in the U.S. as a

whole, only 4% of the sample believed they were very

secure. Forty-three percent said the networks were

somewhat secure, 39% said somewhat insecure, and 15%

said very insecure.

Expected Cyberattacks on U.S. Utilities in 2013

Respondents were asked to predict how cyberattacks on

U.S. utilities would change in 2013. While 23% believed

attacks would stay the same, 77% said they would

increase (20% would be focused on information

technology (IT) systems, 57% on both IT and operations

technology).

4%

43%

39%

15%

0%

10%

20%

30%

40%

50%

Very secure Somewhat secure Somewhat

insecure

Very insecure

Overall, how secure are electrical networks in the

U.S.?


20%

57%

23%

0% 0%

10%

20%

30%

40%

50%

60%

Increase in

frequency, but still

focus on the IT

systems

Increase in

frequency, but

expand to include

both OT and IT

systems

Stay the same Decrease in

frequency

How do you expect cyber attacks on U.S. utilities to

change in 2013?




Concern for Potential Cyber and Network Attacks

Nearly two-thirds (63%) said utilities should be very

concerned about the potential for cyber and network

attacks, with 33% saying moderately concerned, and the

remainder (5%) saying slightly concerned.

Major Risks Associated with Cyberattacks

The major risks associated with cyberattacks on a utility

distribution system were reported as (in descending order

of frequency): power outages (44%), damage to

electricity control systems (22%), financial losses and fines

(9%), denial of service (8%), damage to operations

equipment (7%), and safety equipment failure (5%).

Another 5% said risks (other than those in this list) would

occur.

63%

33%

5%

0% 0%

10%

20%

30%

40%

50%

60%

70%

Very concerned Moderately

concerned

Slightly concerned Not concerned at

all

What concern level should utilities have about the

potential for cyber and network attacks?


5% 5% 7%

8% 9%

22%

44%

0%

10%

20%

30%

40%

50%

Safety

equipment

failure

Other Damage

to

operations

equipment

Denial of

service

Financial

losses and

fines

Damage

to

electricity

control

systems

Power

outages

What is the major risk that is associated with a cyber

attack on a utility’s distribution system?




Benefits of Secure Automation Technology

The sample was next asked to rate the benefits of secure

automation technology by using a scale where 1 = lowest

benefit and 6 = greatest benefit. Benefit ratings were;

reliable service (4.58), accurate network information (4.36),

positive control of safety systems (4.33), low/no fraudulent

activities (4.06), and low/no power losses (4.02).

Expected Cybersecurity Investments in 2013

Expectations about how utilities would change their

investments in cybersecurity in 2013 were pulsed. Sixty-five

percent of the sample said investments would increase;

34% said investments would remain stable; but only 1% said

investments would decrease.

3.53

4.02 4.06

4.33 4.36 4.58

0.00

0.50

1.00

1.50

2.00

2.50

3.00

3.50

4.00

4.50

5.00

Other Low/no

power losses

Low/no

fraudulent

activities

Positive

control of

safety

systems

Accurate

network

information

Reliable

service

Rating of the following benefits of secure automation

technology?


65%

34%

1%

0%

10%

20%

30%

40%

50%

60%

70%

Increase investment level Keep the same

investment level

Decrease investment

level

How do you expect utilities to change their

investments for cybersecurity in 2013?




Roles Standards Play in Security Automation

The most important role that standards play in

implementing security automation technologies was to

ensure interoperability among components for 41% of

these respondents. Another 23% reported that providing

acceptable protection levels was most important, with

17% saying to enable communications across utilities, and

16% saying to provide metrics to measure security status.

Security Automation Demand by Technology

The technology that will see the strongest demand for

security automation and applications (in descending

order of frequency) was: smart meters/AMI (32%),

distribution automation (26%), upgrade of existing

transmission and distribution equipment (18%), advanced

transmission monitoring systems (15%), and substation

automation (10%).

3%

16%

17%

23%

41%

0% 10% 20% 30% 40% 50%

Other

Provide metrics to measure security

status

Enable communication across utilities

Provide acceptable protection levels

Ensure interoperability among

components

What is the most important role that standards play in

implementing security automation technologies?


10%

15%

18%

26%

32%

0% 10% 20% 30% 40%

Substation automation

Advanced transmission monitoring

systems

Upgrade of existing transmission and

distribution equipment

Distribution automation

Smart meters/AMI

Which technology will see the strongest demand for

security automation technologies and applications?




Technologies Most Vulnerable to Cyberattacks

The technology that is most vulnerable to cyberattacks is:

operations and information technologies equally (47%),

information technology (35%), and operations technology

(18%). Clearly, information technology has the highest risk.

Annual Utility Cybersecurity Budget

Their organizations were budgeting differing amounts for

cybersecurity on an annual basis: less than $100,000 (25%),

$100,001 to $500,000 (30%), $500,001 to $1,000,000 (5%),

$1,000,001 to $2,500,000 (20%), $2,500,001 to $5,000,000

(10%), and over $5,000,000 (10%). Although around half

(55%) spent $500,000 or less, the average amount for the

entire sample was $1,450,000 annually for cybersecurity,

which is substantial.

18%

35%

47%

0%

5%

10%

15%

20%

25%

30%

35%

40%

45%

50%

Operations technology Information technology Operations and

information technologies

equally

Which technology is most vulnerable to cyber

attacks?


25%

30%

5%

20%

10% 10%

0%

5%

10%

15%

20%

25%

30%

35%

Less than

$100,000

$100,001 to

$500,000

$500,001 to

$1,000,000

$1,000,001 to

$2,500,000

$2,500,001 to

$5,000,000

Over

$5,000,000

How much is your organization budgeting annually for

cybersecurity?




Decision Making about Cybersecurity

The organizational level where decisions are made about

cybersecurity was: executive (CEO, VP) (37%),

management (47%), or professional/staff (16%).

Real-Time Overlay for Visualization of Security Status

Having a real-time overlay for visualization of their

organization‟s security status was important (28% said very

important, 72% said moderately important) to these

respondents.

37%

47%

16%

0%

10%

20%

30%

40%

50%

Executive (CEO, VP) Management Professional/staff

At what organization level are decisions made about

cybersecurity?


28%

72%

0% 0% 0%

10%

20%

30%

40%

50%

60%

70%

80%

Very important Moderately

important

Slightly important Not important at

all

How important to your organization would a real-time

overlay for visualization of security status be?




Scalable Security “Dashboard” for Monitoring Security

Status

And having a scalable security “dashboard” to monitor

their organization‟s security status was felt to be useful for

them: 22% said very useful, 56% said moderately useful,

and 22% said slightly useful.

Cyber Security Importance to Ensure Reliability and

Resilience

A strong majority (82%) said that cybersecurity was very

important to ensuring the electricity grid reliability and

resiliency. Fewer said cybersecurity was moderately (16%)

or slightly (2%) important.

22%

56%

22%

0% 0%

10%

20%

30%

40%

50%

60%

Very useful Moderately useful Slightly useful Not useful at all

How useful would a scalable security “dashboard” be

for monitoring your organization’s security status?


82%

16%

2% 0%

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

Very important Moderately

important

Slightly important Not important at

all

How important is cybersecurity to ensuring the

electrical grid’s reliability and resiliency?




Providers of Cyberattacks Solutions

When asked who will provide the best solutions to thwart

cyberattacks on utilities, respondents said: private industry

software companies (42%), system integrators (27%), utility

companies themselves (14%), or private hardware

companies (9%). An “other” category (than these four

choices) was chosen by an additional 9% of respondents.

IT-based Security Solutions – Securing the Electrical Grid

Two final statements were provided and respondents were

asked for their level of agreement. The first statement was:

“IT-based security solutions are sufficient for securing the

electrical grid.” About half (48%) agreed with this

statement (7% strongly, 41% somewhat) with slightly more

(52% disagreeing (28% somewhat, 24% strongly). Slightly

more than half of the sample believed more than just IT is

involved in securing the electrical grid.

9%

9%

14%

27%

42%

0% 10% 20% 30% 40% 50%

Private industry hardware companies

Other

Utility companies themselves

Systems integrators

Private industry software companies

Who will provide the best solutions to thwart cyber

attacks on utilities?


7%

41%

28%

24%

0%

10%

20%

30%

40%

50%

Strongly agree Somewhat agree Somewhat

disagree

Strongly disagree

How much do you agree with this statement: “IT-based

security solutions are sufficient for securing the

electrical grid.”




Need for Cybersecurity Legislation

The second statement was: “The recent Senate-rejected

Cybersecurity Act of 2012 was an important piece of

legislation and greatly needed by the electricity industry.”

A large majority (73%) agreed with this statement (19%

strongly, 54% somewhat), while fewer (28%) disagreed

(22% somewhat, 6% strongly). Nearly three-fourths of this

sample believed the Cybersecurity Act should have been

passed.

19%

54%

22%

6%

0%

10%

20%

30%

40%

50%

60%

Strongly agree Somewhat agree Somewhat

disagree

Strongly disagree

The recent Senate-rejected Cybersecurity Act of 2012

was an important piece of legislation and greatly

needed by the electricity industry. How much do you

agree with this statement?




Zpryme Outlook

Utilities are becoming increasingly cognizant of the fact

that their electrical systems and networks face many

credible threats. Smart Grid rollouts across the globe

further provide more „entry ways‟ for potential threats to

cause electrical disturbances. In the short-term, utilities will

focus on preparing a plan of action to secure the most

vulnerable part of the grid. Thus, field proven systems and

technologies that can increase the security for end-users

and the distribution system will be in high demand among

utilities. The focus on Smart Grid cybersecurity will also

demand higher budget allocation to technologies that

enhance grid security.

Although many utilities will hold-off on large scale

cybersecurity investments until well defined standards are

in place, forward looking utilities will be the first to install

the best of breed cybersecurity, irrespective of costs and

standards.

The high demand for grid security products will bring

multiple key and niche players in the market. However,

niche players will face an uphill battle with utilities if they

do not have previous experience working with the

electrical sector.

Creating a „hacker-proof‟ electrical grid is going to take

five to ten years, but utilities with a long-term vision and

plan to secure their grid will be best able to mitigate the

losses associated with cyberattacks.



About Zpryme Smart Grid Insights:

Zpryme-powered Smart Grid Insights Publication, Practice and

Advisory Board help organizations understand their business

environment, engage consumers, inspire innovation, and take action.

Zpryme Smart Grid Insights represents an evolution beyond traditional

market research and consulting: combining sound fundamentals,

innovative tools and methodologies, industry experience, and

creative marketing savvy to supercharge clients‟ success. At Zpryme,

we don‟t produce tables and charts; we deliver opportunity-focused,

actionable insight that is both engaging and easy-to-digest. For more

information regarding our custom research, visit: www.zpryme.com.

Zpryme Smart Grid Insights Contact:

[email protected] | +1 888.ZPRYME.1 (+1 888.977.9631)

www.smartgridresearch.org (Zpryme Smart Grid Insights)

About ViaSat

ViaSat delivers fast, secure communications, Internet, and network

access to virtually any location for consumers, governments,

enterprise, and the military. The company offers fixed and mobile

satellite network services including Exede® by ViaSat, which features

ViaSat-1, the world's highest capacity satellite; service to more than

1,750 mobile platforms, including Yonder® Ku-band mobile Internet;

satellite broadband networking systems; and network-centric military

communication systems and cybersecurity products for the U.S. and

allied governments. ViaSat also offers communication system design

and a number of complementary products and technologies. Based

in Carlsbad, California, ViaSat has established a number of locations

worldwide for customer service, network operations, and technology

development. For more information about ViaSat, please

visit: www.viasat.com/critical-infrastructure-security

White Paper Credits:

Zpryme:

Managing Editor

Megan Dean

Sr. Research Analysts

Roger Alford, PhD

Research Lead

Stefan Trifonov

Paula Smith Nivedita

Wantamutte

ViaSat (Expert Contributor):

Brett Luedde ([email protected])

Director, Critical Infrastructure Security Secure Network Systems

Disclaimer:

These materials and the information contained herein are provided by Zpryme Research & Consulting, LLC and are

intended to provide general information on a particular subject or subjects and is not an exhaustive treatment of

such subject(s). Accordingly, the information in these materials is not intended to constitute accounting, tax, legal,

investment, consulting or other professional advice or services. The information is not intended to be relied upon as

the sole basis for any decision which may affect you or your business. Before making any decision or taking any

action that might affect your personal finances or business, you should consult a qualified professional adviser. These

materials and the information contained herein is provided as is, and Zpryme Research & Consulting, LLC makes no

express or implied representations or warranties regarding these materials and the information herein. Without limiting

the foregoing, Zpryme Research & Consulting, LLC does not warrant that the materials or information contained

herein will be error-free or will meet any particular criteria of performance or quality. Zpryme Research & Consulting,

LLC expressly disclaims all implied warranties, including, without limitation, warranties of merchantability, title, fitness

for a particular purpose, noninfringement, compatibility, security, and accuracy. Prediction of future events is

inherently subject to both known and unknown risks, uncertainties and other factors that may cause actual results to

vary materially. Your use of these and the information contained herein is at your own risk and you assume full

responsibility and risk of loss resulting from the use thereof. Zpryme Research & Consulting, LLC will not be liable for any

special, indirect, incidental, consequential, or punitive damages or any other damages whatsoever, whether in an

action of contract, statute, tort (including, without limitation, negligence), or otherwise, relating to the use of these

materials and the information contained herein.

http://www.zpryme.com/

mailto:[email protected]

http://www.smartgridresearch.org/

http://www.viasat.com/critical-infrastructure-security

http://www.viasat.com/critical-infrastructure-security

INTELLIGENCE BY ZPRYME | ZPRYME.COM | SMARTGRIDRESEARCH.ORG

INTELLLIGENT RESEARCH FORAN INTELLIGENT MARKET

SONSORED BY

FOR MORE INFORMATION ABOUT VIASAT, PLEASE VISIT VIASAT.COM/CRITICAL-INFRASTRUCTURE-SECURITY

Date post:	10-Jul-2018
Category:	Documents
Upload:	hoangdien
View:	219 times
Download:	0 times

2012 Utility Cyber Security Survey - Viasat · cyber security survey INTELLIGENCE ... 3 2011. 4...

Documents