Practical Guides
Essential Reading
Cybersecurity for UK Energy and Utilities
The 2015 attack on Ukraine left around 230,000 people without electricity, the first blackout confirmed to be caused by a cyberattack.
OT and ICS Security Checklist for Energy Operators
Dragos consistently reports that the majority of OT environments it assesses have limited or no visibility into their own control-network traffic.
Further Reading
How to Run a Cyber Risk Assessment for an Energy Operator
The 2017 Triton attack targeted a plant safety-instrumented system, the layer of last resort designed to prevent loss of life.
Securing a Water and Wastewater Utility
At Oldsmar in 2021, an attacker raised the lye setpoint to 11,100 ppm, more than 100 times the safe level, through an exposed remote-access tool.
Securing Distributed Energy Resources
A 2022 satellite outage disrupted remote monitoring of roughly 5,800 wind turbines across Europe, showing how dependent DER is on connectivity.
Cyber Insurance for Energy Operators
Colonial Pipeline reportedly paid around 4.4 million dollars in ransom in 2021, helping drive insurers to tighten critical-infrastructure cover.