CYBER SECURITY IN THE ENERGY SECTOR

Critical infrastructures provide essential services that underpin the smooth functioning of a modern society and serve as the backbone for economic activities. These critical infrastructures include, for example, the energy, telecommunication, finance, health, and transport sectors. The energy infrastructure is one of the most complex and critical infrastructures and these other sectors depend upon it to deliver their essential services.

Currently, the energy sector consists of both legacy and next generation technologies. New technologies are introducing new intelligent components (e.g., electricity and gas meters, digital valves or pumps) to the energy infrastructure that communicate in more advanced ways (two-way wired and wireless communications) than in the past. These new components are based on information and communication technology (ICT) that can be interconnected to local networks. Ensuring the resilience of these energy systems against cyber risks, attacks, and threats is becoming increasingly important as the widespread use of ICT and data communication is becoming the foundation for the functioning of infrastructures that underlie energy systems.

To adequately address potential threats and vulnerabilities, cyber security must be included in all phases of the system development life cycle, from the design phase through implementation, operations and maintenance, and disposition/sunset and address prevention, detection, response, and recovery capabilities. Proposed cyber security mitigation strategies must be evaluated based on the impact on reliability, performance, and cost. The approach of Nevermore Security is to identify the highest priority risks/attack vectors and the most effective cyber security strategies and solutions. This will include both technology and procedural solutions and may include accepting the residual risk. Ultimately, cyber security must not adversely impact the reliability of the energy systems.

WHY NEVERMORE SECURITY?


Annabelle was named after the Edgar Allan Poe poem, Annabel Lee. Poe also wrote The Raven.

Once upon a midnight dreary, while I pondered, weak and weary, Over many a quaint and curious volume of forgotten lore—While I nodded, nearly napping, suddenly there came a tapping,As of some one gently rapping, rapping at my chamber door. “’Tis some visitor,” I muttered, “tapping at my chamber door—            Only this and nothing more.”

Then this ebony bird beguiling my sad fancy into smiling, By the grave and stern decorum of the countenance it wore, “Though thy crest be shorn and shaven, thou,” I said, “art sure no craven,Ghastly grim and ancient Raven wandering from the Nightly shore— Tell me what thy lordly name is on the Night’s Plutonian shore!”           Quoth the Raven “Nevermore.

from The Raven, by Edgar Allan Poe

ANNABELLE LEE  |  NEVERMORE SECURITY FOUNDER

Annabelle Lee is the founder and Chief Cyber Security Specialist of Nevermore Security.

Annabelle’s experience comprises over 40 years of technical experience in IT system design and implementation and over 25 years of cyber security design, specification development, and testing. Over the last 15 years, she has focused on cyber security for the energy sector. Over her career she has authored or co-authored many documents on cyber security, cryptography, and testing. She began her career in private industry concentrating on IT systems specifications, software testing, and quality assurance.