Global energy cybersecurity company Nation-E is building an Energy Cyber Security Center, to be opened in Israel later this year and dedicated to protecting critical infrastructure.
The facility will include the Energy Cyber Security Training Arena, simulating real-world energy crises and having a goal of providing the world’s largest energy devices performance database for testing, certifying and commercializing energy innovations. The idea is that teams from global industries and government organizations will get real-life proficiency in managing cyber-protection scenarios, testing the vulnerability of their energy assets and finding the best way to protect them.
“In an interconnected world where we are all dependent on the grid; where electric companies sustain countless cyber-attacks; where the latest ‘smart home’ devices are hacked into – the good guys need all the training they can to protect our critical energy infrastructure, our banks, our factories, our homes… and our way of life,” Nation-E said in announcing the center.
The demonstration area features industry-leading brands of devices such as wind turbines, solar panels, power generators, modular energy storage systems with BMS support and EV, integrated to create a fully functional micro-grid.
The launch is timely, given the mounting gaps in the security of the world’s critical infrastructure. In a recent study from Ponemon and Unisys, nearly 70% of companies surveyed that are responsible for the world’s power, water and other critical functions have reported at least one security breach that led to the loss of confidential information or disruption of operations in the past 12 months.
In fact, 64% of respondents anticipated one or more serious attacks in the coming year. Despite this risk, only 28% ranked security as one of the top five strategic priorities for their organization, while a majority named their top business priority as minimizing downtime.
“The findings of the survey are startling, given that these industries form the backbone of the global economy and cannot afford a disruption,” said Larry Ponemon, chairman and founder of the Ponemon Institute, in a statement. “While the desire for security protection is apparent among these companies, not nearly enough is actually being done to secure our critical infrastructure against attacks.”
Only one in six respondents describe their organization’s IT security program or activities as mature. Respondents who reported suffering a data breach within the past year most often attributed these breaches to an internal accident or mistake, and negligent insiders were the most cited threat to company security. Despite these findings, only 6% of respondents said they provide cybersecurity training for all employees.
The survey also highlighted the concerns many of these executives feel regarding the security of industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems, which monitor and control the processes and operations for power generation and other critical infrastructure functions. When asked about the likelihood of an attack on their organizations’ ICS or SCADA systems, 78% of the senior security officials responded that a successful attack is at least somewhat likely within the next 24 months. Just 21% of respondents thought that the risk level to ICS and SCADA has substantially decreased because of regulations and industry-based security standards, which means that tighter controls and better adoption of standards are needed.