Siemens ’ guide to cybersecurity for energy companies
Siemens ’ guide to cybersecurity for energy companies
Published in its playbook ‘ Simulating a Cyberattack on the Energy Industry ’, the company recommends the following interlinked steps to form a perpetual cycle of defence and improvement :
Preparation : Energy companies should allocate specific teams and job roles for staff trained to handle cyberthreats , who should then prepare a methodical response programme which can be easily deployed when needed .
Identification : Familiarity with a system during normal operations will help to recognise abnormalities faster .
Containment : Once an incident has been identified , the next course of action is to isolate the spread of ‘ infection ’ and prevent the compromisation of multiple systems . This can be difficult for energy companies , which emphasises the importance of planning .
Eradication : Forensic teams must get rid of the threat with a view to restoring normal operations as soon as possible . Backing up essential operations should be given paramount importance .
Recovery : Following the elimination of the cyberthreat , energy companies should restore critical functions and perform system integrity checks . Evidence should also be collected on the nature of the threat and how it was dealt with .
Lessons learned : After normal service has been restored , all evidence and documentation associated with the attack should be compiled and analysed in order to inform any subsequent changes that need to be made .
75 www . energydigital . com