Last week energy management company Schneider Electric announced it had joined the Cybersecurity Tech Accord, a watershed agreement to enhance the cybersecurity ecosystem and defend digital economies from cyber attacks. Schneider Electric is among more than 140 companies who have committed to protect and empower civilians online and to improve the security, stability and resilience of cyberspace.
“We are facing a new reality and geopolitical climate where malicious actors have unlimited time, resources and funding to carry out cyberattacks. Taking on newer, more innovative and increasingly dangerous threats can’t be limited to a single company, industry or region,” Christophe Blassiau, senior vice president of digital security and global CISO, Schneider Electric, said in a press release. “In joining the Cybersecurity Tech Accord, we’re proud to continue our collaboration with industry leaders around the world to help detect, prevent and respond to cyberattacks.”
Schneider Electric’s recent announcement is just one of the many ways the company is working to address cybersecurity issues around the globe. In an opinion piece posted to Utilities Middle East on March 4, Blassiau says utility executives must understand that they’re at heightened risk.
“Creating data-driven, digitized platforms and business is at the fore-front of utility company’s agenda today,” Blassiau writes. “Rightfully so, as consumers do everything online, they demand the same of the companies who provide them a service. This requires converging systems and technologies, connecting everything – from information to assets. But the more you move your information and assets online, the more at risk you are from a cyber-attack.”
In the piece Blassiau points to the recent increase in hackers attacking industrial targets. These attacks can cause devastating damage leading to an interruption in service when a plant is taken offline.
“Whenever I meet with a utility company executive, I ask them, ‘What is the bottom-line impact of cyber threats to cost, continuity, and customer confidence?’” Blassiau writes. “By reframing the conversation in terms of what impact the hack can have on the business and customers, we’ll be able to focus minds on getting the resources and the support we need to better safeguard our organizations.”
Blassiau says utilities in the Gulf should begin to view cybersecurity as a business enabler. He believes every person in leadership should understand the digital risk and frame it in the context of a business-enabling conversation.
Additionally, Blassiau says utilities must widen the risk aperture beyond the perimeter. According to a recent report by Statista, there will be 75 billion connected devices by 2025, which will further widen the threat landscape.
“We have no perimeter anymore. Everything is connected, from the supply chain, delivery, and deployment of products and solutions, to customer sites and managed assets. This landscape is expanded by technology that connects everything, from people to process,” Blassiau writes. “From Information Technology to Operational Technology — and from our customers to our enterprise — the potential cyberattack surface is large and can be used at any step of the kill chain.”
Blassiau also recommends utilities adopt a “Cybersecurity by Design” approach that includes people, processes, and technologies. He also recommends answering the global call for trust and security by ensuring that cybersecurity is an inherent part of every company’s business culture, processes, and innovation.
“Even for a company such as Schneider Electric, which is an expert in cyber security,” Blassiau writes. “Schneider’s posture is open minded and embracing the lessons learned while on our own digital transformation journey. I want to ensure that others can learn from our experiences before having to live their own.”
For their part Schneider Electric is taking steps to improve their own cybersecurity efforts and strengthen the global community. In addition to the Cybersecurity Tech Accord, Schneider Electric is also a member of the Cybersecurity Coalition, as well as a founding member of the ISA Global Cybersecurity Alliance, which advances cybersecurity readiness and awareness in manufacturing and critical infrastructure facilities and processes.