top of page
  • Writer's pictureEnergyPro

Five Steps to a more Cyber Secure Renewable Energy Asset





Having a full cyber security audit carried out on your renewable energy asset is a great idea, and depending on the size of your portfolio, may even be a legislative requirement. However, even without an external audit, there are some simple steps you can take to help increase the cyber security of your asset:




1. Create a clear communications infrastructure system map for your site.

Collaborating with industry peers and sharing threat intelligence
Start with individual turbines or invertors and follow this through sequentially through park controllers and firewalls. Be sure to map connection links to all third parties, including:


  • Original Equipment Manufacturer (OEM)

  • Turbine Maintenance Supplier (if different)

  • High Voltage switching team, who may have remote access to switchgear

  • Traders

  • Owners, including historic owners

  • Operations Managers and control rooms

  • Transmission System Operator, Distribution Network Operator

  • Second level SCADA system operators

  • Any other service providers, such as condition monitoring specialists



2. Secure your communications system.

Monitoring & Detection for timely incident response

Once you’ve completed the communications infrastructure map, some immediate discrepancies and potential gaps will come to light. Address these one-by-one according to a prioritised risk assessment matrix. There are likely to be many “View Only” connections with only a few with potential system control, so the obvious priority is to lock down the latter group. Ensure connections are using Virtual Private Networks (VPNs), with dual firewall protection, creating a “DMZ” environment within the substation or control room.





3. Ensure SCADA software is up-to-date.

Regular software patching and system updates

This is a particular consideration for non-OEM maintained assets.

If possible, ensure that there is continued software support, particularly for security updates and patches. If not, consider implementing additional security measures.



4. Ensure your people are trained regularly. `

Employee training and awareness programs on cyber security best practices

It can be difficult to keep track of the new and evolving threat vectors. Regular (at least monthly) training of your staff and subcontractors is the best way to mitigate against the risks of phishing, spear-phishing, smishing and other targeted attacks. At EnergyPro, we use “Ninjio” continuous training for our staff (there are other very good training providers available, we just happen to find Ninjio excellent). The training consists of fun 5-minute videos illustrating recent industry cyber attacks, how they happened, and how extra awareness or changed habits could prevent such attacks being successful.


5. Prepare a Cyber Security Incident Response Plan. Test this regularly.

Incident response plans to mitigate and recover from cyber attacks

A comprehensive Cyber Security Incident Response Plan should include the agreed response to:

  • Ransomware attacks (perhaps including an alternative response plan depending on the system affected)

  • Independent system failures

  • Loss of data communications

  • Loss of intellectual property

  • Active vs Inactive intrusion detection



We’ve all historically been very familiar with physical Emergency Response Plans for operational projects, and regularly test these in either desktop drills or on-site tests including Blue Light responders. Use this same approach for cyber security, outlining a few typical scenarios and what your agreed response will be to each of them.

These tests can be supported by external specialists, particularly for carrying out system penetration tests.



Contact us in EnergyPro to find out more.




EnergyPro



53 views0 comments

Comments


bottom of page