Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceInfrastructure:Electric,Gas & Water

Evolving cybersecurity to protect today’s energy network architecture

By Michael Wood
power lines

Image from Pixabay

July 13, 2022

The energy sector is in a unique position when it comes to network security. Not only does it need to protect private information and keep employees productive, but it is tasked with preventing attacks that could bring the power infrastructure supporting communities across the nation to its knees.

While the ramifications of a cyberattack on the energy sector could be extraordinary, energy companies face many of the same challenges as organizations in other verticals. For example, with the growing challenges of adapting to a mobile and disparate workforce, energy firms need to give their work-from-anywhere (WFA) users the flexibility, secure access and network performance needed to perform their duties.

Beyond this, energy companies often need to give secure access to remote contractors who may use one device to connect to various enterprise networks. To make the challenge worse, many energy firms have a complex network infrastructure in place, including legacy data centers and systems that, in today’s world, need to handle everything from switching to Wi-Fi to WAN optimization. For larger companies, their distributed field network needs to support many branch offices which could be located internationally.

Energy companies today realize that traditional perimeter-based cybersecurity tools are no longer adequate to protect them from a constantly evolving threat landscape. Especially with the WFA environment caused by COVID-19 and adopted by many companies, there is now too large of an attack surface and too many attack vectors to secure with walls around everything. Rather than attempting to build security around the distributed network, these days the network itself must provide security. Traffic entering the network must be secured from start to finish and security and the network must operate as one fully integrated system.

The evolving cyberattack landscape

The world’s fragile state during the COVID-19 crisis opened the door for an aggressive wave of cyberattacks. Ten years ago, energy firms’ on-premises-focused security personnel were able to identify network attacks very quickly, since most took place in the top-level layers of a system, often through a malware attack. These days however, vulnerabilities are exploited over long periods of time, with more massive destruction to infrastructure in mind. Energy companies can no longer assume that their network systems will remain safe.

Cyber thieves are also infiltrating through underlying networks, passing from router to router and accessing information located far below a system’s top level. The evolution of these attacks means that energy firms may not be aware of a breach for long periods of time, increasing the amount of harm to the company and overall power infrastructure that can be performed.

Energy companies should update their security strategies to address worst-case scenarios and assume that at some point they will be victims of attack. This means understanding that any single employee may serve as a hacker’s entry to the enterprise network. Anyone can be fooled by increasingly sophisticated attacks and clicking on a phishing email, resulting in an opening for malicious events.

Focus on analytics and visibility 

To address these sophisticated attacks, analytics and visibility are instrumental in strengthening an energy company’s security posture, particularly when it comes to branch sites. Analytics and visibility deliver invaluable insights into an organization’s ongoing security status and can help identify critical vulnerabilities previously unseen. While information technology (IT) leaders traditionally have focused on their organization’s connectivity and security, now analytics and visibility of distributed networks are getting their fair share of attention.

The type of information this approach provides can prove vital for the rising number of companies suffering an attack. The first challenge after a breach attempt has been identified and systems have been shut down is to determine how far cyber thieves have infiltrated before being detected and what exactly they accessed. This is particularly true in cases of ransomware, where an organization must be able to determine the criminal’s activity on its systems. Hackers may claim they accessed and encrypted five terabytes of data, but a company may be able to see they collected only a handful of files before being shut out. Only with complete visibility will energy firms have the information they need to counter a criminal’s claim.

Approaches to strengthen network architecture 

Energy companies can strengthen their network architecture against attacks through a number of approaches. For example, zero trust network access (ZTNA) technologies should be a high priority for organizations to limit access to privileged accounts and data left easily accessible, particularly in their WFA and distributed contractor environment. Requiring authentication before granting access is an important way a company can protect its network and keep data secure.

Many energy firms need to reassess their infrastructure foundations before additional security approaches can be considered. Integration is critical for strengthening an organization’s network architecture, since many have disparate systems that should ultimately be integrated. Achieving strong integration will enable companies to have greater visibility into their distributed systems, making it easier to identity and defend against incoming cyberattacks.

Steps toward a secure future 

Approaches such as secure access service edge (SASE) can go a long way toward strengthening an energy company’s network architecture. SASE is the integration of security and networking solutions, such as firewall-as-a-service (FWaaS) and ZTNA, into a unified service that can be delivered entirely through the cloud. Cloud delivery offers firms greater flexibility, making it easy to apply security services and consistent policies remotely where they are needed. Secure and seamless transition from the cloud is critical since so many applications are cloud based, including collaborative communications.

Cybersecurity needs to become more of an integrated consideration for every new project. For example, in today’s WFA environment, every area needs embedded security, including branch sites and remote workers. Simply educating remote workers about security risks is not enough to protect networks from malicious attacks.

In today’s world, where any organization can be a target for cyberattack, a strongly secured network architecture and end-to-end visibility are the building blocks to a resilient security posture. Enabling a single point of control using approaches such as SASE will help ensure energy companies can create a more streamlined and secure network architecture, whether from the headquarters or remote branch locations. To protect private data and networks, all organizations should work toward a common goal — implementing an approach that combines the crucial elements of network architecture, security and visibility. 

KEYWORDS: cyber security awareness energy sector network vulnerability secure access service edge (SASE) security analytics zero trust

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Mike wood pic

Michael Wood is CMO at Versa Networks. Wood is an entrepreneurial, creative, results-oriented and hands-on CMO, VP Product, Board Member, Advisor, and Investor with repeated success scaling incubation businesses and startups.

Wood has extensive expertise scaling products, businesses and processes to take a business from limited revenue to hundreds of millions of dollars in revenue. In addition, Wood has deep expertise in networking as a service, virtualization, cloud, mobile, video and security.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • retail store online

    Building the future-proof retail store with SASE

    See More
  • ASSA ABLOY supplies rugged pdlocks to protect BP alternative energy critical infrastructure locations

    BP Alternative Energy wind farms install rugged padlocks to protect critical infrastructure

    See More
  • mobile device usage

    Managing risks in an evolving cybersecurity environment

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

See More Products

Events

View AllSubmit An Event
  • August 27, 2025

    Risk Mitigation as a Competitive Edge

    In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.
  • July 17, 2025

    Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

    From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing