Cybersecurity in Power: Macroeconomic Trends

GlobalData Thematic Research 22 September 2020 (Last Updated September 22nd, 2020 15:30)

As more IT and communications technologies are embedded in power utilities’ operations systems, power companies will need to assess the security of their networks, and potentially demonstrate action plans on security risks.

The growth in cyberwarfare and the rapid proliferation of smart and connected grid components will mean that investment in cybersecurity will remain a top priority for utility IT departments.

Macroeconomic Trends

Listed below are the key macroeconomic trends impacting the cybersecurity industry, as identified by GlobalData.

Covid-19

The Covid-19 pandemic has increased cyber risk significantly. Until a vaccine is available, businesses will have to factor in greater cyber risk. Attacks will continue to target the tools used by remote workers, including fake requests to reset VPN accounts, faked sign-in pages for video conferencing accounts, or bogus incoming chat requests from colleagues on corporate messaging systems. Many companies have mandated employees to undertake cybersecurity training to educate them against attacks, particularly phishing.

Election security

From Russian interference in the 2016 US presidential elections to Cambridge Analytica and Facebook’s role in the UK’s Brexit referendum, there are international concerns about the impact of unwarranted cyber activity on democracy. Disinformation campaigns and deepfake technology are being used to influence public opinion, major transportation systems can be disrupted to prevent citizens from getting to the polls, and there have been attacks on voter registration databases. European privacy regulators remain concerned about Facebook’s Election Day Reminder feature, a notification the platform displays to users on the day of an election, ostensibly to encourage voter participation. Social media companies’ role in the 2020 US presidential election has also come under scrutiny, with President Trump threatening to empower federal regulators to amend Section 230 of the Communications Decency Act.

The cyber skills shortage

The cybersecurity industry remains in critical need of qualified people. According to international cybersecurity organization (ISC)², the current cybersecurity workforce gap in the US is nearly 500,000, and the global gap in November 2019 was over four million jobs. The types of jobs currently most in demand are forensics, cyber automation engineering, security operations center (SOC) analysis, cloud network architecture, consulting in advanced threat solutions, and cybersecurity analysis, according to job vacancies posted on GlobalData’s Jobs Analytics database.

Psychology as part of security assessment

Psychology will be a focus for security during 2020, as companies attempt to understand how attackers and their staff think. Cyberattackers are usually at least one step ahead of those defending the enterprise. Understanding the psychology of attackers, from state-supported actors to individual troublemakers, may help organisations identify the weaknesses in their defences. The same thinking should be applied to different personality types across the organisation, according to Amanda Widdowson, the human factors capability lead for security group Thales. Human factors should also be part of incident management analysis when organisations analyse security threats or breaches.

Understanding people to deliver better security

On top of understanding attackers’ motivation, organisations such as the Royal Holloway University of London’s Information Security Group and the National Cyber Security Center want to get a better understanding of employees’ perspectives on security. Adopting an approach that understands how people work is likely to help drive better-designed security technologies and practices that support people’s needs, rather than creating a user-unfriendly system that leads to security breaches as people seek workarounds. This people-centric approach is backed by suppliers like Proofpoint, which advocates deploying a solution that gives users visibility into who, how, and why someone is being attacked, and whether they clicked on something.

Attacked companies are more likely to pay ransoms

An increasing number of organisations suffering ransomware attacks are deciding that paying up is their best policy. Previously, the FBI had insisted that paying ransoms emboldened criminals but, in 2019, it admitted that, faced with an inability to function, executives would consider all options in the face of an attack, including paying up.

Attacks on the rich and famous

The alleged hack of Amazon founder Jeff Bezos showed that even the very richest are not immune to sophisticated cyberattacks. With geopolitical tensions rising and more countries investing in cyber warfare, a growing service area is executive threat exposure reviews, which involve scanning the web for personal information that could find its way onto social media sites and be used in customised phishing attacks against wealthy individuals.

Governments step up their cyber offense

Governments are moving to create and justify their use of offensive capabilities against cyberterrorists and cybercriminals. The UK is on the verge of announcing an offensive cyber force to match that of the US, which has also started to acknowledge that it might have such a capability. The UK National Cyber Force is expected to comprise 500 cyber specialists. It is likely to be a joint operation between the Ministry of Defense and the Government Communications Headquarters (GCHQ) and follow appropriate rules of engagement that would allow it to take action against hostile states and terror groups by targeting their satellite, mobile, and IT networks.

This is an edited extract from the Cybersecurity in Power – Thematic Research report produced by GlobalData Thematic Research.