Enzen has launched a new cybersecurity methodology and framework for UK energy and utility businesses, as concerns over hacking and cyberattacks grows.
The zenSmartCyber model can assess a company’s smart cybersecurity maturity across 120 core competencies. This can then be used to establish vulnerabilities in its current levels of security, and develop targets going forwards.
Following this, actions to bolster security as well as digital and data maturity can be brought in, helping the company to continue to accelerate digital advancement without increasing risk.
“UK critical national infrastructure systems are evolving from isolated bespoke arrangements to those that use general-purpose computing hosts, IoT sensors, edge computing, wireless networks and artificial intelligence,” said Steven O’Sullivan, head of cyber services at Enzen.
“Although this move improves sensing and control capacity and gives better integration with business requirements, it also increases the scope for attack from malicious entities that intend to conduct industrial espionage and sabotage against these systems.”
O’Sullivan talked to Current± earlier this year about the increased risk of cybersecurity attacks in the energy sector.
In February, IBM Security produced research that showed the UK’s energy sector was the target of 24% of all cybersecurity incidents in the country in 2021.
There have already been a number of notable cyberattacks on the energy sector, including the REvil group launching a ransomware attack on Elexon in 2020, with attackers managing to access the company’s internal IT systems on 14 May. Documents obtained during this attack were then reportedly posted online a month later.
Energy supplier People’s Energy – which has now shuttered – was the target of a cyberattack in December 2020 and energy supplier npower’s app was hacked in February 2021.
Internationally, there have been a number of cyberattacks including European energy giant Energias de Portugal (EDP) being hit by a ransomware attack in April 2020.
Enzen said the threat of cyberattacks is continuing to grow, compounded by factors such as the energy crisis and anxieties about Russian-state threats in light of the ongoing conflict.
“Even something as innocuous as a home smart meter needs to be considered with security in mind. We have seen the disruption that can ensue when critical infrastructure is targeted, and with US energy companies on high alert for cyberattacks against the backdrop of Russian threats, the UK needs to follow suit to safeguard its core services,” finished O’Sullivan.