POWER May 2020 - 6

SPEAKING OF POWER
Cybersecurity Is More
Important Than Ever
Due to COVID-19
Aaron Larson
T
he COVID-19 outbreak has forced
many companies to change the
way they conduct operations.
Leaders have had to divide employees
into essential and non-essential
categories. Essential employees must
report to their worksites and perform
required tasks to keep businesses in
operation. Non-essential workers, while
still important and needed for the continued
success of companies, are often
being allowed to perform their duties
from home, at least in the short term,
by working over an internet connection
tied to their work computer or to a
cloud-based system.
I think most people would agree that
being able to work remotely is a blessing,
especially during a pandemic. Many
companies have been providing telework
capability for years-it comes in
handy whenever employees are traveling
for work or personal reasons. Remote
access also allows more flexible
work schedules, which can improve
morale and reduce employee turnover.
According to Gallup's State of the American
Workplace report, 43% of employees
in 2016 worked remotely in some
capacity. That was up 4% from 2012,
and it has most likely climbed even
more today.
A study published by the Boston
Consulting Group (BCG) says more
than 30 million office workers in the
U.S., and up to 300 million globally,
are expected to work from home due
to COVID-19. However, the report says
shifting work patterns on such a massive
scale can have serious unanticipated
cybersecurity implications. The
authors recommend seven steps companies
should take to safeguard systems
from cyber attacks. The actions
are somewhat general in nature and
apply to all industries.
Cybersecurity: A Team Effort
To get a more power industry-focused
perspective, I spoke to Leo Simonovich,
6
Siemens Energy's global head of Industrial
Cyber and Digital Security. On March
4, before strict COVID-19 lockdowns
were widely enacted, Simonovich led a
tabletop exercise at the 3rd annual Energy
Cyber Security Group vendor/operator
conference in London. Simonovich
walked attendees through a simulated
crisis in which a fictional city's main electric
utility
experienced a cyber attackcaused
blackout.
" It's important that we make these
exercises as realistic as possible, and involve
all parts of the organization and its
supply chain, " Simonovich told me after
the event. " If you look at the latest survey
that we did with the Ponemon Institute,
the majority of utilities can expect
at least one major attack that will lead to
a shutdown or a safety event. So, this is
a new reality that utilities are facing. And
today, one-third of them don't have an incident
response plan. "
The scenario Siemens devised drew
on a set of recent incidents in which intruders
entered systems through basic
vulnerabilities, then took advantage of
the high-tech, digitalized, distributed environment
where some utilities frankly
don't have great visibility. Simonovich
said it's that lack of visibility that leads cyber-attack
responders to search for more
information about the event so they can
put pieces of the puzzle together.
" It's something that they would undertake
at different levels of the organization
with different dimensions. So, for
example, the utility would consider: Do I
investigate my physical supply chain, at
the same time as an employee that has
gone missing, at the same time as I conduct
forensic analysis of my networks?
These pieces of information-are they
relevant to me or are they not? And this
is where being part of a multi-disciplinary
team where you engage vendors to support
you in identifying facts, and then
acting on those facts, is really important, "
he said.
Simonovich said there were two big
takeaways from the exercise. One was
www.powermag.com
that trustworthiness is vitally important.
" We as a community need to come together
to respond to a crisis, " he said.
" Many utilities today do not even have
the phone number of their suppliers that
they can call in case there is a cyber
event, let alone engaging them as part of
a multi-disciplinary team. "
The other was that utilities need to
take a proactive approach, and quickly,
yet thoroughly, identify what is likely
to have an impact on availability, reliability,
and safety. Simonovich said
Siemens has been responding to cyber
incidents for more than 30 years.
It operates about 400 factories and 80
power plants for customers around the
world, so the company's insight comes
from practical experience.
" Every one of our customers needs
to have a plan that involves us in helping
them respond to attacks and vice versa,
because we are increasingly interdependent
on each other because of digitalization, "
said Simonovich. To learn more
about Siemens' incident response playbook,
visit: www.bit.ly/Siemens-Cyber.
Avoiding Viruses
I found one analogy from the BCG report
particularly profound. The authors wrote,
" Cyber attacks are like the COVID-19 virus
itself. Patching your systems is like
washing your hands. And not clicking on
phishing emails is like not touching your
face. " I would take it a couple of steps
further and suggest that maintaining
good firewalls is akin to wearing a mask
in public. And having air gaps in vital networks
is similar to the now-common sixfoot
social distancing rule. Suddenly, it's
obvious that the term " computer virus "
was appropriately coined.
During this challenging time when so
many people are working remotely, it's
more important than ever to keep cybersecurity
top of mind. Please do your part
to stay safe and healthy, both physically
and digitally. ■
-Aaron Larson is POWER's
executive editor.
POWER | May 2020

http://www.bit.ly/Siemens-Cyber http://www.powermag.com

POWER May 2020

Table of Contents for the Digital Edition of POWER May 2020

Contents
POWER May 2020 - Cover1
POWER May 2020 - Cover2
POWER May 2020 - Contents
POWER May 2020 - 2
POWER May 2020 - 3
POWER May 2020 - 4
POWER May 2020 - 5
POWER May 2020 - 6
POWER May 2020 - 7
POWER May 2020 - 8
POWER May 2020 - 9
POWER May 2020 - 10
POWER May 2020 - 11
POWER May 2020 - 12
POWER May 2020 - 13
POWER May 2020 - 14
POWER May 2020 - 15
POWER May 2020 - 16
POWER May 2020 - 17
POWER May 2020 - 18
POWER May 2020 - 19
POWER May 2020 - 20
POWER May 2020 - 21
POWER May 2020 - 22
POWER May 2020 - 23
POWER May 2020 - 24
POWER May 2020 - 25
POWER May 2020 - 26
POWER May 2020 - 27
POWER May 2020 - 28
POWER May 2020 - 29
POWER May 2020 - 30
POWER May 2020 - 31
POWER May 2020 - 32
POWER May 2020 - 33
POWER May 2020 - 34
POWER May 2020 - 35
POWER May 2020 - 36
POWER May 2020 - 37
POWER May 2020 - 38
POWER May 2020 - 39
POWER May 2020 - 40
POWER May 2020 - 41
POWER May 2020 - 42
POWER May 2020 - 43
POWER May 2020 - 44
POWER May 2020 - 45
POWER May 2020 - 46
POWER May 2020 - 47
POWER May 2020 - 48
POWER May 2020 - 49
POWER May 2020 - 50
POWER May 2020 - 51
POWER May 2020 - 52
POWER May 2020 - Cover3
POWER May 2020 - Cover4
https://www.nxtbook.com/accessintelligence/POWER/pwr_may-2024
https://www.nxtbook.com/accessintelligence/POWER/pwr_april-2024
https://www.nxtbook.com/accessintelligence/POWER/pwr_march-2024
https://www.nxtbook.com/accessintelligence/POWER/pwr_february-2024
https://www.nxtbook.com/accessintelligence/POWER/pwr_january-2024
https://www.nxtbook.com/accessintelligence/POWER/pwr_december-2023
https://www.nxtbook.com/accessintelligence/POWER/pwr_november-2023
https://www.nxtbook.com/accessintelligence/POWER/power-october-2023
https://www.nxtbook.com/accessintelligence/POWER/re-tech-supp-to-power-september-2023
https://www.nxtbook.com/accessintelligence/POWER/power-september-2023
https://www.nxtbook.com/accessintelligence/POWER/power-and-re-tech-supp-september-2023
https://www.nxtbook.com/accessintelligence/POWER/power-august-2023
https://www.nxtbook.com/accessintelligence/POWER/power-july-2023
https://www.nxtbook.com/accessintelligence/POWER/power-june-2023
https://www.nxtbook.com/accessintelligence/POWER/power-may-2023
https://www.nxtbook.com/accessintelligence/POWER/power-april-2023
https://www.nxtbook.com/accessintelligence/POWER/power-march-2023
https://www.nxtbook.com/accessintelligence/POWER/power-february-2023
https://www.nxtbook.com/accessintelligence/POWER/power-january-2023
https://www.nxtbook.com/accessintelligence/POWER/power-december-2022
https://www.nxtbook.com/accessintelligence/POWER/power-november-2022
https://www.nxtbook.com/accessintelligence/POWER/Power-October-2022-140th-Anniversary-Supp
https://www.nxtbook.com/accessintelligence/POWER/Power-October-2022-and-Anniversary-Supp
https://www.nxtbook.com/accessintelligence/POWER/power-and-re-tech-supp-september-2022
https://www.nxtbook.com/accessintelligence/POWER/power-september-2022
https://www.nxtbook.com/accessintelligence/POWER/power-august-2022
https://www.nxtbook.com/accessintelligence/POWER/Power-July-2022-Intl
https://www.nxtbook.com/accessintelligence/POWER/power-july-2022
https://www.nxtbook.com/accessintelligence/POWER/power-june-2022-intl
https://www.nxtbook.com/accessintelligence/POWER/power-june-2022
https://www.nxtbook.com/accessintelligence/POWER/power-may-2022
https://www.nxtbook.com/accessintelligence/POWER/power-may-2022-intl
https://www.nxtbook.com/accessintelligence/POWER/power-april-2022
https://www.nxtbook.com/accessintelligence/POWER/Power-April-2022-Intl
https://www.nxtbook.com/accessintelligence/POWER/power-march-2022
https://www.nxtbook.com/accessintelligence/POWER/power-february-2022
https://www.nxtbook.com/accessintelligence/POWER/power-january-2022
https://www.nxtbook.com/accessintelligence/POWER/power-december-2021
https://www.nxtbook.com/accessintelligence/POWER/power-top-plants-supp-december-2021
https://www.nxtbook.com/accessintelligence/POWER/power-november-2021
https://www.nxtbook.com/accessintelligence/POWER/power-october-2021
https://www.nxtbook.com/accessintelligence/POWER/power-september-2021
https://www.nxtbook.com/accessintelligence/POWER/power-august-2021
https://www.nxtbook.com/accessintelligence/POWER/power-july-2021
https://www.nxtbook.com/accessintelligence/POWER/power-june-2021
https://www.nxtbook.com/accessintelligence/POWER/power-may-2021
https://www.nxtbook.com/accessintelligence/POWER/power-april-2021
https://www.nxtbook.com/accessintelligence/POWER/power-march-2021
https://www.nxtbook.com/accessintelligence/POWER/power-february-2021
https://www.nxtbook.com/accessintelligence/POWER/power-january-2021
https://www.nxtbook.com/accessintelligence/POWER/power-december-2020
https://www.nxtbook.com/accessintelligence/POWER/power-november-2020
https://www.nxtbook.com/accessintelligence/POWER/power-october-2020
https://www.nxtbook.com/accessintelligence/POWER/power-september-2020
https://www.nxtbook.com/accessintelligence/POWER/power-august-2020
https://www.nxtbook.com/accessintelligence/POWER/power-july-2020
https://www.nxtbook.com/accessintelligence/POWER/power-june-2020
https://www.nxtbook.com/accessintelligence/POWER/power-may-2020
https://www.nxtbook.com/accessintelligence/POWER/power-april-2020
https://www.nxtbook.com/accessintelligence/POWER/power-march-2020
https://www.nxtbook.com/accessintelligence/POWER/power-february-2020
https://www.nxtbook.com/accessintelligence/POWER/power-january-2020
https://www.nxtbook.com/accessintelligence/POWER/power-december-2019
https://www.nxtbook.com/accessintelligence/POWER/power-november-2019
https://www.nxtbook.com/accessintelligence/POWER/power-october-2019
https://www.nxtbook.com/accessintelligence/POWER/power-september-2019
https://www.nxtbook.com/accessintelligence/POWER/power-august-2019
https://www.nxtbook.com/accessintelligence/POWER/power-july-2019
https://www.nxtbook.com/accessintelligence/POWER/power-june-2019
https://www.nxtbook.com/accessintelligence/POWER/power-may-2019
https://www.nxtbook.com/accessintelligence/POWER/power-april-2019
https://www.nxtbook.com/accessintelligence/POWER/power-march-2019
https://www.nxtbook.com/accessintelligence/POWER/power-february-2019
https://www.nxtbook.com/accessintelligence/POWER/power-january-2019
https://www.nxtbook.com/accessintelligence/POWER/power-december-2018
https://www.nxtbook.com/accessintelligence/POWER/power-november-2018
https://www.nxtbook.com/accessintelligence/POWER/power-october-2018
https://www.nxtbook.com/accessintelligence/POWER/power-september-2018
https://www.nxtbook.com/accessintelligence/POWER/power-august-2018
https://www.nxtbook.com/accessintelligence/POWER/power-july-2018
https://www.nxtbook.com/accessintelligence/POWER/power-june-2018
https://www.nxtbook.com/accessintelligence/POWER/power-may-2018
https://www.nxtbook.com/accessintelligence/POWER/power-april-2018
https://www.nxtbook.com/accessintelligence/POWER/power-march-2018
https://www.nxtbook.com/accessintelligence/POWER/power-february-2018
https://www.nxtbook.com/accessintelligence/POWER/power-january-2018
https://www.nxtbook.com/accessintelligence/POWER/power-december-2017
https://www.nxtbook.com/accessintelligence/POWER/power-november-2017
https://www.nxtbook.com/accessintelligence/POWER/power-october-2017
https://www.nxtbook.com/accessintelligence/POWER/power-september-2017
https://www.nxtbook.com/accessintelligence/POWER/power-august-2017
https://www.nxtbook.com/accessintelligence/POWER/power-july-2017
https://www.nxtbook.com/accessintelligence/POWER/power-june-2017
https://www.nxtbook.com/accessintelligence/POWER/power-may-2017
https://www.nxtbook.com/accessintelligence/POWER/power-april-2017
https://www.nxtbook.com/accessintelligence/POWER/power-march-2017
https://www.nxtbook.com/accessintelligence/POWER/power-february-2017
https://www.nxtbook.com/accessintelligence/POWER/power-january-2017
https://www.nxtbook.com/accessintelligence/POWER/power-december-2016
https://www.nxtbook.com/accessintelligence/POWER/power-november-2016
https://www.nxtbook.com/accessintelligence/POWER/power-october-2016
https://www.nxtbook.com/accessintelligence/POWER/power-september-2016
https://www.nxtbook.com/accessintelligence/POWER/power-august-2016
https://www.nxtbook.com/accessintelligence/POWER/power-july-2016
https://www.nxtbook.com/accessintelligence/POWER/power-june-2016
https://www.nxtbook.com/accessintelligence/POWER/power-may-2016
https://www.nxtbook.com/accessintelligence/POWER/power-april-2016
https://www.nxtbook.com/accessintelligence/POWER/power-march-2016
https://www.nxtbook.com/accessintelligence/POWER/power-february-2016
https://www.nxtbook.com/accessintelligence/POWER/power-january-2016
https://www.nxtbook.com/accessintelligence/POWER/power-december-2015
https://www.nxtbook.com/accessintelligence/POWER/power-november-2015
https://www.nxtbook.com/accessintelligence/POWER/power-october-2015
https://www.nxtbook.com/accessintelligence/POWER/power-september-2015
https://www.nxtbook.com/accessintelligence/POWER/power-august-2015
https://www.nxtbook.com/accessintelligence/POWER/power-july-2015
https://www.nxtbook.com/accessintelligence/POWER/power-june-2015
https://www.nxtbook.com/accessintelligence/POWER/power-may-2015
https://www.nxtbook.com/accessintelligence/POWER/power-april-2015
https://www.nxtbook.com/accessintelligence/POWER/power-march-2015
https://www.nxtbook.com/accessintelligence/POWER/power-february-2015
https://www.nxtbook.com/accessintelligence/POWER/power-january-2015
https://www.nxtbook.com/accessintelligence/POWER/power-december-2014
https://www.nxtbook.com/accessintelligence/POWER/power-november-2014
https://www.nxtbook.com/accessintelligence/POWER/power-october-2014
https://www.nxtbook.com/accessintelligence/POWER/power-september-2014
https://www.nxtbook.com/accessintelligence/POWER/power-august-2014
https://www.nxtbook.com/accessintelligence/POWER/power-july-2014
https://www.nxtbook.com/accessintelligence/POWER/power-june-2014
https://www.nxtbook.com/accessintelligence/POWER/power-may-2014
https://www.nxtbook.com/accessintelligence/POWER/power-april-2014
https://www.nxtbook.com/accessintelligence/POWER/power-march-2014
https://www.nxtbook.com/accessintelligence/POWER/power-february-2014
https://www.nxtbook.com/accessintelligence/POWER/power-january-2014
https://www.nxtbook.com/accessintelligence/POWER/power-december-2013
https://www.nxtbook.com/accessintelligence/POWER/power-november-2013
https://www.nxtbook.com/accessintelligence/POWER/power-october-2013
https://www.nxtbook.com/accessintelligence/POWER/power-september-2013
https://www.nxtbook.com/accessintelligence/POWER/power-august-2013
https://www.nxtbook.com/accessintelligence/POWER/power-july-2013
https://www.nxtbook.com/accessintelligence/POWER/power-june-2013
https://www.nxtbook.com/accessintelligence/POWER/power-may-2013
https://www.nxtbook.com/accessintelligence/POWER/power-april-2013
https://www.nxtbook.com/accessintelligence/POWER/power-march-2013
https://www.nxtbook.com/accessintelligence/POWER/power-february-2013
https://www.nxtbook.com/accessintelligence/POWER/power-january-2013
https://www.nxtbook.com/accessintelligence/POWER/power-december-2012
https://www.nxtbook.com/accessintelligence/POWER/power-november-2012
https://www.nxtbook.com/accessintelligence/POWER/power-october-2012
https://www.nxtbook.com/accessintelligence/POWER/power-september-2012
https://www.nxtbook.com/accessintelligence/POWER/power-august-2012
https://www.nxtbook.com/accessintelligence/POWER/power-july-2012
https://www.nxtbook.com/accessintelligence/POWER/power-june-2012
https://www.nxtbook.com/accessintelligence/POWER/power-may-2012
https://www.nxtbook.com/accessintelligence/POWER/power-april-2012
https://www.nxtbook.com/accessintelligence/POWER/power-march-2012
https://www.nxtbook.com/accessintelligence/POWER/power-february-2012
https://www.nxtbook.com/accessintelligence/POWER/power-january-2012
https://www.nxtbook.com/accessintelligence/POWER/power-november-2011
https://www.nxtbook.com/accessintelligence/POWER/power-october-2011
https://www.nxtbook.com/accessintelligence/POWER/power-september-2011
https://www.nxtbook.com/accessintelligence/POWER/power-august-2011
https://www.nxtbook.com/accessintelligence/POWER/power-july-2011
https://www.nxtbook.com/accessintelligence/POWER/power-june-2011
https://www.nxtbook.com/accessintelligence/POWER/power-may-2011
https://www.nxtbook.com/accessintelligence/POWER/power-april-2011
https://www.nxtbook.com/accessintelligence/POWER/power-march-2011
https://www.nxtbook.com/accessintelligence/POWER/power-february-2011
https://www.nxtbook.com/accessintelligence/POWER/power-january-2011
https://www.nxtbook.com/accessintelligence/POWER/power-december-2010
https://www.nxtbook.com/accessintelligence/POWER/power-november-2010
https://www.nxtbook.com/accessintelligence/POWER/power-october-2010
https://www.nxtbook.com/accessintelligence/POWER/power-september-2010
https://www.nxtbook.com/accessintelligence/POWER/power-august-2010
https://www.nxtbook.com/accessintelligence/POWER/power-july-2010
https://www.nxtbook.com/accessintelligence/POWER/power-june-2010
https://www.nxtbook.com/accessintelligence/POWER/power-may-2010
https://www.nxtbookmedia.com