A HOLISTIC REVIEW OF CYBER RISK FOR THE DISTRIBUTION OF POWER
Paper number
655Conference name
CIRED 2019Conference date
3-6 June 2019Conference location
Madrid, SpainPeer-reviewed
YesMetadata
Show full item recordAuthors
Little, Steve, Frazer-Nash Consultancy, United KingdomNayyar, Anuj, IET, United Kingdom
Neilson, David, SP Energy Networks, United Kingdom
Abstract
Within any organisation, including those of a Distribution System Operator, an understanding of PPITFC is held across, Human Resources, Quality, Facilities or the IT department, and often what is documented is not always an accurate representation of reality. Given a cyber-attack is typically a combination of socio and technical elements, and in order for an organisation to respond or recover, a holistic understanding of PPITFC and the interdependencies between them are required.It is unrealistic for an organisation to think that by implementing cyber technology at its boundary, it is completely secure from a persistent attacker. For an organisation to respond or recover to a potential or real cyber-attack, it needs to consider cyber over a number of phases. The National Institute of Science and Technology (NIST) propose a framework including a number of phases where an organisation can mitigate a cyber-attack:Identify – organisational understanding to understand cyber risks across PPITFCProtect – implementation of controls to manage cyber risksDetect – defines activities to identify cyber activityRespond – activities to implement action against a detected cyber incidentRecover – identification of activities to restore capability after a cyber incidentWithin this paper we will describe the importance of having a holistic approach for PPITFC to defend against a cyber-attack within the power distribution network and how this information can be effectively captured. We will also demonstrate how this information can be used to protect a power distribution organisation across the various phases to respond or recover to potential or an actual cyber-attack.Publisher
AIMDate
2019-06-03Published in
Permanent link to this record
https://cired-repository.org/handle/20.500.12455/97http://dx.doi.org/10.34890/195