Lesson in Change
Darren Highfill is director of operations technology security consulting for power and utilities in the energy practice of PwC. He has twelve years of professional services consulting experience focused on cyber security and resiliency, primarily for electric utilities. Darren has specifically worked on national and international standard development for electric grid security and security program definition, and has served as project manager for sponsored industry collaborative activities and industry-leading technology projects.
Brad Bauch is security/cyber security leader for power and utilities in the energy practice of PwC. He has more than twenty years of experience in internal audit, information technology and cybersecurity. Brad focuses on helping utilities improve their security alignment with business needs while effectively managing risk. He additionally has experience in helping organizations prepare for and respond to cyber intrusions and in managing IT compliance risk.
The Internet of Things has a precursor. One that contained valuable lessons on the cyber security front. Today’s businesses would be wise to take a moment and examine what can be learned from its precursor’s history. And consider what those lessons have in store for us today.
From roughly 2005 to 2010, the U.S. electric grid saw a notable technological transformation commonly wrapped up under the label of smart grid. Futuristic portrayals and optimistic business cases inspired many utilities to charge ahead with bold and broad deployments of new technologies.
However, more than a few of these utilities also found painful resonance in the snarky not-so-smart critiques when researchers found basic cyber security holes in early implementations. The race for market share often dictates that vendors offer products before they have been fully vetted. Sometimes vulnerabilities surface long after many experienced and discerning eyes have looked over a well-refined build.
In today’s Internet of Things, businesses face a strikingly similar picture to what utilities saw in the early days of the smart grid. A new generation of embedded devices and technology is empowering novel data sources, information flows, and even business models.
Start-ups and innovative vendors are going through explosive growth with sometimes mixed results. Not all organizations are certain about exactly how the change will affect their business.