According to IBM’s 2018 Cost of Data Breach Survey, the average total cost of a data breach, globally, is $3.86 million. Putting reputation concerns and personal data vulnerability aside, that’s not a cost any business can take lightly.
Electro Industries is committed to helping the businesses we work with stay ahead of the curve when it comes to arming their commercial power monitoring systems against cyber security attacks – especially when they can lead to these kind of costly data breaches. At a high-level, here are the security features you want to have in place:
Encryption. Encrypting secure messages to and from meters prevents malicious users from *sniffing your credentials. This can be done with the use of an encryption key, a random string of bits created explicitly for scrambling and unscrambling data. Long encryption keys make it harder to sniff as the code can only be easily read by the sender and the receiver.
Complex Passwords. Over the years, it’s become increasingly popular for networks to require a password that is both longer in length and more complex in makeup (i.e. the inclusion of special characters and a combination of both letters and numbers). It’s important to apply these same rules when creating passwords for your power meter software applications so they are not easy to guess.
Limitation of Login. Also increasingly popular, it’s important to limit the number of times an individual user can enter an incorrect password in a short period of time. This also makes it harder for malicious attackers to repeatedly guess credentials.
Digital Signing of Firmware. Signing firmware guarantees that the meter is running code that is authentic. Without it, there’s no way to tell if code has been tampered with, thus producing inauthentic results.
Training on Social Engineering Attacks. Employees are a crucial part of ensuring your system’s security and should ideally be just as comfortable with the guidelines above. Notifying employees of security updates is just as important as installing them!
For more information on Cyber Security in the energy sector, visit our website or reach out to our expert team of engineers at firstname.lastname@example.org.
*Sniffing is a term used to describe a cyber attacker’s ability to silently capture data as it is transmitted over an unsecured network.November 30, 2018