The report, Smart Grid Cyber Security, predicts that robust growth in the smart grid cybersecurity market will produce opportunities for hardware and software companies, as well as professional service firms.
“Smart grid cybersecurity is significantly more complex than the traditional IT security world. It is a common misperception that IT networks and industrial control systems have the same cyber security issues and can be secured with the same countermeasures. They cannot”, said Pike Research senior analyst Bob Lockhart. “To successfully secure the electrical grid, utilities and their key suppliers must design solutions that effectively bridge the worlds of information and operations technology.”
The report noted that there are additional areas of smart grid cybersecurity concern beyond smart metering, such as intelligent transmission, automated distribution, and substations.
Pike Research identified a number of issues that require attention for smart grid cybersecurity. One issue is that many industrial control systems have seemed secure simply by being isolated from IT networks. The Stuxnet attacks demonstrated that USB memory sticks give attackers a workaround for that lack of connectivity.
The other issue is that IT and operations groups at utilities often do not communicate effectively with each other. This is a cultural barrier to the success of smart grid deployment, the report said.
Lockhart said that effective smart grid cybersecurity deployments will address a number of issues, including stronger identity management, multi-factor authentication, computer incident response, business continuity planning, defense-in-depth for IT and industrial control system networks, video monitoring capabilities for substations and control rooms, end-to-end encryption of data from the home area network to the utility central site, stronger cyber security software on smart meters, and data integrity for electric vehicle recharging transactions.