Energy businesses not yet geared for cybersecurity – Inmarsat Enterprise

26th April 2019 By: Marleny Arnoldi - Deputy Editor Online

Energy businesses are exposing themselves to security risks by failing to address weaknesses in their cybersecurity defenses, says Inmarsat Enterprise.

“Businesses in the energy sector recognise that their approaches to cybersecurity must be strengthened, but are not yet taking the practical steps to safeguard their industrial Internet of Things (IoT) deployments,” notes Inmarsat.

The communication services company undertook a study that surveyed 125 businesses across the energy industry, which revealed that 74% of respondents admitted that their processes to combat cybersecurity threats were lacking, while 73% of them reported that more could be done to protect against data mishandling.

However, despite recognising the enhanced security threats of industrial IoT, just 43% have invested in new security technologies and only 30% have partnered with security specialists for assistance, indicating that not enough is being done to secure operations.

“One driver for this response is a lack of relevant skills, with 54% of respondents reporting that they lacked staff with cybersecurity skills to deliver their industrial IoT deployments,” says Inmarsat.

Inmarsat industrial IoT VP Tara MacLachlan comments that a network is only as secure as its weakest point and with industrial IoT increasing the potential surface area for cyberattacks, energy businesses must ensure that they harden every element of their IoT deployments.

“Truly secure industrial IoT deployments must have security built-in from the ground up. This must include secure access management, secure execution environments, enhanced data encryption, and smart validation and authentication between sensors, gateways and the software orchestration platform.

“As we have seen from the results of this study, not every energy business has the skills or technology capabilities to ensure an IoT solution is secure from end-to-end. Businesses need to collaborate with specialist providers who can offer a fully managed IoT service that considers security at every stage, from the edge sensors, to the gateways and orchestration platforms, to the connectivity and networks themselves.”