Use cases

How energy companies are tackling cybersecurity challenges

Credit: Bert van Dijk/Getty images.

Powered by

Nozomi Networks’ sensors improve the security of Enel’s grid management functions

Nozomi Networks is a specialist cybersecurity vendor that focuses on developing physical and virtual sensors as well as software as a service (SaaS) products to install in manufacturing facilities. The sensors provide network visibility, threat detection, and insight. The company focuses on monitoring and detection for Industrial Control Systems (ICS), operational technology (OT), and IoT devices. As such, the company works with nine sectors, including electric utilities. 

Enel is an Italian power company that operates globally in 30 countries across four continents. It plays a key role in managing and monitoring the Italian power grid, which supplies energy to 31 million customers and is operated by the Italian Transmission System Operator (TSO).  

Enel is charged with ensuring the availability of the OT, IoT, and industrial networks that support the grid, as well as managing Regional Control Centers and Interconnection Centers that connect with the TSO, which manages energy flow to the grid. Maintaining this critical national infrastructure naturally requires constant interaction and cooperation between Enel and the TSO, and securing the networks that support this is therefore imperative.  

Enel wanted to move away from using standard networking tools in its management of the ICS (ICS), due to the manual and time-consuming nature of monitoring and troubleshooting the control network. Previously, gathering data was a difficult process and, once collected, human knowledge was required to evaluate the data. Therefore, improvements in efficiency and security were necessary. Enel worked with Nozomi in 2023 to deploy the latter’s Guardian security sensor, which monitors network activity to identify any vulnerabilities and detect cyber threats, while also improving operational efficiency. Guardian was initially deployed at one Regional Control Center to allow for testing to occur, before being installed at all RCCs across the grid, as well as at the Interconnection Centers to monitor Enel’s connection with the TSO. Nozomi’s Central Management Console sensor, which manages and provides an overview of all Guardian sensors in its environment, was also installed. 

Enel has benefitted from the automation of the process of data collection from all parts of the grid without the need for human intervention, improving efficiency and allowing staff to focus on protecting the company’s operations. Staff now have full visibility of the Enel control network, improving their ability to detect anomalous activities, misconfigurations, and standard and advanced security attacks. 

Claroty helps generation and transmission companies secure their operations

Claroty is a vendor of ICS security solutions and works with several clients in the energy sector including Siemens, Schneider Electric, Mitsui & Co., and others. It recognizes that assets in industrial environments are vulnerable to cyber threats that are hard to detect and has created a cybersecurity offering called The Claroty Platform, which seeks to resolve these issues. 

An unnamed power generation and transmission company, delivering services across a nationwide transmission network, worked with Claroty in 2022 to reduce the risks associated with redundancy across its network of power plants. Redundancy involves the duplication of certain critical components or functions of a technological system to ensure that a component failure does not have wide-reaching negative impacts across the system.  

Although this is an essential practice for power companies to ensure the reliability of their OT networks, it also brings cybersecurity risks when coupled with a complex network of widely distributed architecture, and in this case, insufficient security controls.  

Attackers consequently had hundreds of potential entry points into the company’s OT networks, and the built-in redundancy meant that, generally, attacks were only detected if the damage caused was easily noticeable. Small-scale attacks could occur undetected despite causing considerable damage, and the overall availability and reliability of the company’s OT was inadequate as a result. 

To solve these issues, the company deployed The Claroty Platform to bolster the cybersecurity of its OT infrastructure. One component of the platform is Continuous Threat Detection, which offers improved asset visibility and constant security monitoring. A Secure Remote Access element also allows plant staff and third-party vendors to monitor and access the company’s OT network with greater security, reducing the risk of any threats caused by potential misconfigurations. 

 The company also benefitted from an improved alerting mechanism which enabled its Security Operations Center (SOC) to pinpoint the exact time of, and reasons behind, any anomalous or malicious activity occurring in the OT networks of its power plants. 

GlobalData, the leading provider of industry intelligence, provided the underlying data, research, and analysis used to produce this article.

GlobalData’s Thematic Intelligence uses proprietary data, research, and analysis to provide a forward-looking perspective on the key themes that will shape the future of the world’s largest industries and the organisations within them.

Go to article: Home | Cybersecurity in the age of AIGo to article: ContentsGo to article: BriefingGo to article: Foreword: Cybersecurity in the age of AI Go to article: Navigating the AI-driven cybersecurity landscapeGo to article: Key trends impacting cybersecurity Go to article: Timeline: a history of cybersecurity Go to article: Explainer: The most common types of cyberattacks Go to article: AI attacks now ‘the main cybersecurity concern’ for businesses across sectors Go to article: The state of cybersecurity: AI and geopolitics mean a bigger threat than ever Go to article: Companies’ own AI applications are ‘a huge cybersecurity problem’ Go to article: Regulators must protect the cybersecurity market from a private equity takeover Go to article: HealthcareGo to article: The impact of cybersecurity on healthcareGo to article: Case studies: cybersecurity in healthcare Go to article: Leading cybersecurity adopters and providers in healthcareGo to article: How healthcare cybercrime is predicted to escalate Go to article: Healthcare cybersecurity risk ‘higher than ever’ due to pandemicGo to article: Industry takes: Keeping healthcare businesses cybersecure Go to article: Rubrik’s Richard Cassidy on cyberattacks and resilience in healthcare organisationsGo to article: Cyberattacks on healthcare: Russia’s tool for mass disruption Go to article: Traceability technologies tighten supply chain fakery Go to article: Could brain-computer interfaces be hacked? Go to article: Deal activity related to cybersecurity in the pharma industry since 2021 Go to article: Deal activity related to cybersecurity in the medical industry since 2021 Go to article: EnergyGo to article: The impact of cybersecurity on the energy sector Go to article: Case studies: cybersecurity in energy Go to article: Leading cybersecurity adopters and providers in power Go to article: Cyberattacks on critical energy infrastructure ‘have increased dramatically’ Go to article: Report: Nuclear industry faces acute cybersecurity threats Go to article: The energy transition means increased attack surfaces for hackers Go to article: Deal activity related to cybersecurity in the power industry since 2021  Go to article: Cyber threat to oil and gas driven by geopolitics, extortion Go to article: How has cybersecurity changed since the Aramco hacks? Go to article: Deal activity related to cybersecurity in the oil and gas industry since 2021  Go to article: MiningGo to article: The impact of cybersecurity on miningGo to article: Case studies: cybersecurity in miningGo to article: Leading cybersecurity adopters and vendors in miningGo to article: Proactive approach to cybersecurity key for minesGo to article: ‘Operational disruption’ the main cybersecurity threat in miningGo to article: Why the mining sector should prioritise investment in cybersecurityGo to article: Will the Northern Sea Route become commercially viable in the near future?Go to article: Deal activity related to cybersecurity in the mining industry since 2021Go to article: DefenceGo to article: The impact of cybersecurity on defence Go to article: Case studies: cybersecurity in defence Go to article: Leading cybersecurity adopters and providers in defence Go to article: Latest news: Ukraine war dominant in cyber operationsGo to article: Sweden’s Nato accession: a cyberattack-filled saga Go to article: Germany recalls ambassador to Russia over cyberattacks Go to article: Why have cyberattacks in Poland spiked since Donald Tusk’s election? Go to article: How did China hack the UK Ministry of Defence? Go to article: Will IoT in defence continue to grow amid cybersecurity concerns? Go to article: AI Innovations wants to use semi-autonomous drones to save lives in Ukraine Go to article: Deal activity related to cybersecurity in the aerospace & defence industry since 2021  Go to article: Consumer GoodsGo to article: The impact of cybersecurity on the consumer goods sector Go to article: Case studies: cybersecurity in the consumer sector Go to article: Leading cybersecurity adopters and providers in consumer goodsGo to article: Latest news: Cybersecurity in packagingGo to article: Cybersecurity rising concern for packaging firms as digitalisation raises threat Go to article: Packaging companies must protect production lines from cyberattacks –analyst Go to article: Cybersecurity boost: Packaging learns from recent IT outages Go to article: Deal activity related to cybersecurity in the packaging industry since 2021  Go to article: Latest news: Cybersecurity in drinks Go to article: Drinks industry faces cybersecurity challenges from smart manufacturing Go to article: Brown-Forman chief talks cybersecurityGo to article: Modern supply chains open up cyber weak spotsGo to article: BankingGo to article: The impact of cybersecurity in banking and payments Go to article: Case studies: cybersecurity in banking Go to article: Leading cybersecurity adopters and providers in banking & payments Go to article: Latest news: cybersecurity in bankingGo to article: AI needed to tackle AI fraud – cybersecurity expert Go to article: What are the main cybersecurity trends of 2024? Go to article: What does the Economic Crime Act mean for foreign investors to the UK? Go to article: Regulators make crypto more attractive to institutions – NYU professor Go to article: Finance firms and ex-spies: strange bedfellows in a war-torn world Go to article: Monzo adds friction to fight fraud—but the features may not be popular with customers Go to article: Looking to stop payment fraud? Modernise your approach to bank validation Go to article: Governments must intervene on anti-fraud funding for real-time payments Go to article: Knowledge sharing puts finance sector among best for cybersecurity Go to article: Deal activity related to cybersecurity in the retail banking industry since 2021  Go to article: Sponsorship opportunitiesGo to article: GlobalData Thematic IntelligenceGo to article: Next issue