Infrastructure:Electric,Gas & Water / Cyber Security News

Critical Infrastructure Facing Increased Cyber Risk

October 21, 2013
/ Print / Reprints /
/ Text Size+

The nation’s critical infrastructure is coming under increased pressure to protect their vital systems and assets from outside cyber threats as the number of attacks increase and stronger regulations are imposed.

Nowhere is the growing threat more apparent than within the power and utilities industry, which faces more cyber attacks than any other critical infrastructure sector, according to Department of Homeland Security (DHS) data.

In its latest Marsh Risk Management Research briefing Securing Power, Utilities, and Other Critical Infrastructure from Growing Cyber Risks, Marsh examines the growing cyber threat to the US power grid and other infrastructure facilities; the evolving regulatory landscape; and steps utilities and other facilities can take to better protect their data and assets.

Of the more than 200 cyber incidents investigated by the DHS’ Industrial Control Systems Cyber Emergency Response Team between October 2012 and May 2013, 54% occurred within the energy sector, far surpassing any other critical infrastructure sector.

“A power grid interruption as a result of a cyber attack has the potential to cost utilities and other infrastructure facilities millions of dollars in lost revenue, regulatory fines, and additional expenses to restore operations and to improve cyber securities defenses, not to mention reputational damage,” said Matt McCabe, a senior advisory specialist within Marsh’s Network Security and Privacy Practice. “The incidents have also prompted the federal government to propose stronger cyber security practices for utilities and other infrastructure owners and operators.”

Mitigating the risks related to sophisticated cyber attacks while navigating an increasingly complex regulatory environment is not an easy task, but there are steps utilities and other facilities can take to better protect their data and assets, Marsh said.

In addition to industry-specific cyber insurance solutions, critical infrastructure facilities should focus on employee training; engage in system penetration testing and periodic threat assessment reviews;  develop and test continuity plans; and review and update procedures and responsibilities for gathering and processing claims information in the event of a loss, Marsh said.

Did you enjoy this article? Click here to subscribe to Security Magazine. 

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security magazine February 2015 issue cover

2015 February

In the February 2015 issue of Security Magazine, see what other companies have learned from the massive data breach and what they are doing in the now and in the future. Also, what could adding thermal cameras to your operation do for you? and Mohegan Sun at Pocono Downs prepares for the future with security decisions.
Table Of Contents Subscribe

Tougher Cybersecurity Legislation

On January 20, President Barack Obama called for tougher cybersecurity legislation in his 2015 State of the Union address. Which of the following points do you feel is most needed today?
View Results Poll Archive


CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.