Utility Week - authoritative, impartial and essential reading for senior people within utilities, regulators and government
Issue link: https://fhpublishing.uberflip.com/i/1477933
16 | SEPTEMBER 2022 | UTILITY WEEK Energy the Utility Week brand brought to life, and will shape Utility Week's campaigning agenda in the months ahead. Highlights of the agenda, which can be seen in full at https://bit.ly/3AF03cY, include: Nicola Shaw, chief executive, Yorkshire Water At a time when affordability is key, maintaining, pro- tecting and building resilience in the water network is demanding huge investment. • How can regulation adapt to ensure capital invest- ment in the right solutions to the sector's biggest challenges? • How do you justify investing in the network when there is a cost-of-living crisis? • Why should we be prioritising net zero? • Why is customer engagement so important? Oxford Debate: The Trilemma Three senior leaders from the utilities industry debate the three pillars of the trilemma, aiming to persuade the audience that theirs is the most impor- tant challenge. Each will spend five minutes outlin- ing their argument before answering questions from the chair and audience to build their case, followed by an audience poll. Speakers: Steve Giddings, regulation manager, Tideway Rachel Fletcher, director regulation and economics, Octopus Gordon Reid, general manager zero emissions, Scottish Water John Penrose, MP Jonson Cox, former chairman, Ofwat, who will be delivering the closing keynote speech. CEO panel: Security of supply in an unknown world Citizens are more reliant than ever before on power to charge their vehicles, clean and heat their water and enable their newly flexible lifestyles. How can today's utilities ensure security of supply for tomorrow's world? • Prioritising climate adaptation • Protecting end users and fulfilling demand Speakers: Basil Scarsella, chief executive, UK Power Networks Mike Lewis, chief executive, Eon UK Noyona Chundur, chief executive, Consumer Council As well as keynote presentations and panel sessions, the Utility Week Forum will include streams delving into key issues around the trilemma, including: Day One: Ensuring affordable utilities Driving sustainability Day Two: Adaptive utilities From innovation to BAU Security of water supply Security of energy supply For further information, visit: https://events.utility- week.co.uk/forum continued from previous page Analysis Stay a step ahead of cyber-criminals It's near impossible to keep every hacker at arm's length – the only answer is constant encryption. U tilities are constantly being targeted by cyber- criminals. In recent attacks, the BlackCat ransom- ware gang has claimed responsibility for hacking Creos, a gas and electricity supplier in Luxembourg. BlackCat claimed to have stolen 150GB of data from parent company Encevo, including company contracts, agreements, passports, bills and emails. BlackCat is thought by the FBI to be linked to the DarkSide group, based mainly in Russia and responsible for the infamous Colonial Pipeline hack in the US. This latest attack reflects a growing trend. The UK's energy sector was the target of 24% of all cyber-security incidents in the country in 2021, according to research from IBM Security. This makes the energy sector the most targeted industry, followed by the manufacturing and financial services sectors. When it comes to method of attack, social engineer- ing, system intrusion and web application attacks made up 98% of energy data breaches in 2021, according to Cost of a Data Breach Report 2022. The traditional way to mitigate these risks and pro- tect data and systems is to try to stop the cyber-criminals getting in. This means identifying and then blocking malicious activities using anti-virus so¤ware and new techniques such as threat intelligence centres, endpoint telemetry, zero-trust and user behaviour analysis. But cyber-criminals have a habit of being one step ahead and while anti-malware vendors try to keep up, mainstream security is always one step behind. An alternative approach is to protect the data itself at source by encrypting the data. Full disk encryption is frequently used for this as it encrypts your device. While this is fine if you lose your laptop or USB stick, on a run- ning system it will hand over decrypted data to every process that asks for it. And as cyber-criminals can only steal data from running systems, full disk encryption cannot prevent this the¤. The answer is to encrypt all your data, all the time. But to work, full data encryption must be just as trans- parent and as easy to use and data needs to be encrypted at rest, in transit and in use, no matter where it gets cop- ied – including when it is stolen. It's time we recognised that the traditional "castle and moat" approach is not going to stop determined cyber-criminals. Security is most effective when it is applied as close to the source as possible and you can't get closer than the data itself. Nigel Thorpe, technical director at SecureAge For this story in full, go to: https://utilityweek.co.uk/ cybersecurity-can-you-trust-utilities-with-your-data/