Cybersecurity
August 2023
Safeguarding the Energy Sector and Beyond
As we fight to keep greenhouse gas emissions under control and keep household bills at affordable levels, new technologies will help the energy, utility and infrastructure sectors become more efficient and move toward Net Zero.
However, at a time when the energy sector should be taking advantage of these new technologies, it faces ever-growing risks from cybercriminals. These attacks, the protection measures used to combat them, and the legislation designed to protect everyone can heavily impact the adoption of new technology.
A look at current threats and opportunities will help business leaders in all sectors see the need for a cybersecurity outlook when introducing new technology safely; this expertise can also help you get the most out of a project.
Supply Chain Risk: SolarWinds and MoveIT
Take all the hardware and software that runs your business (unless you build and develop everything in-house). You will buy some of these as goods and services from other companies, this is your technology supply chain and in doing so, potentially expose yourself to vulnerabilities out of your control.
So, an attack directed at your company only needs to find the weakest link in your supply chain. Supply chain attack is not a theory; it is an ever-growing problem, especially if the vulnerability lets an attacker get ransomware in and data out.
The two most significant examples in recent years have been via Solarwinds product Orion (An IT administration platform with 33,000 customers) attack managed to push access for the attackers into an update. Now we have MoveIT, a managed file transfer program that is effectively still a breaking story in its scope and ramifications; victims include some of the world’s largest public and private entities.
Balancing the Internet of Things and Artificial Intelligence
Solution design is a balancing act, and some choices can be made with good intentions, typically to solve a problem, but result in unintended consequences. Unfortunately, some of the best solutions (IoT and AI) carry some of the greatest dangers.
Choices when building or buying IoT solutions need to be carefully managed; some devices carry slimmed-down low-power versions of operating systems and support software or do not have current hardware protections, making them vulnerable to many types of attacks that might now be a thing of the past in normal IT.
With everyone talking about Artificial Intelligence, the question of how we can use AI to solve our problems is increasing. From a development perspective, the ability of AI to write working code quickly might be a temptation for a pressured Dev Team. However, it again can introduce issues, as the bases for the AI’s learning include depreciated and vulnerable code.
The right tools: IFS FSM and IFS Cloud
IFS FSM has been named Gartner Field Service Management Magic Quadrant Leader for seven years. It provides an end-to-end service management solution, allowing companies in the energy sector to reduce the complexity of their IT supply chain.
In addition, IFS’s Cloud offering is designed to cut technical complexity and use inbuilt automation AI and IoT input to improve efficiency and workflow while being protected by IFS’s ISO 27001 compliance.
The proper support: Millennium+
Millennium Consulting has ISO 27001 accreditation and takes Cybersecurity and Cyber resilience seriously for us, our partners, and our customers. We also aim to make processes as efficient as possible, meaning less complication for cyber criminals to pray on.
Our Millennium+ service offers you peace of mind, as you can use your time to book any of our experts for any part of your business. Be it a cyber resilience review, help with a stalled implementation or a process review, or one of many other services we can help.