U.S. Electrical Grid Cyber-spy Threat Could Mean Security OpportunityBy Jessica Davis | Posted 2009-04-09 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Legislators and regulators are highlighting the threat of cyber-spies exploiting Internet security weaknesses to attack the U.S. electrical grid. That threat may indicate an opportunity for reseller solution providers, particularly those that specialize in firewalls, VPNs and attack remediation, to help protect U.S. utilities.
As legislators and regulators highlight the
threat of cyber-spies exploiting computer and network security weaknesses to
attack the U.S. electrical grid, there may be an opportunity for
reseller solution providers to help protect it.
This week the Wall Street Journal reported that cyber-spies from China, Russia and other countries have penetrated the U.S. electrical grid and left behind software programs that could be used to exploit the system. It sounds like a plot line from the television show "24," but security experts view it as a real threat.
And the idea of modernizing U.S. infrastructure, including its IT systems, has been gaining momentum for months as President Barack Obama has made it first a rallying cry for his presidential campaign and then a focus of his administration.
While funds from the economic stimulus package have not specifically been earmarked for modernizing IT systems at utility companies, the push to make that happen will only get stronger now as lawmakers focus on the ongoing threat to national security.
IT market research company Gartner has identified IT spending by utilities as one of the few pockets of opportunity in 2009.
And those targeting the security space agree that utilities are ready for a major security upgrade.
"Certainly there will be opportunity that comes along for big companies and little companies," says Andy Klein, a senior product manager at SonicWall. SonicWall provides unified threat management to a range of companies through its 100 percent channel sales organization. "Security has to be a critical ingredient of that."
Klein says the question arises of how cyber-spies were able to infiltrate the IT systems of U.S. utilities at all. He says he believes that U.S. utility companies, when they first began providing services many years ago, relied on physical security to protect against threats.
But evolving systems, connections to the Internet, wireless networks, the advent of Web 2.0 social networking and other technological developments that were never anticipated by the systems' original security architects may have outpaced the utilities' efforts to secure their IT infrastructure systems.
Klein says two technologies will be important in protecting against this threat—firewalls and VPNs.
"But not just your mother's firewall," Klein says. "It's really about the whole notion of UTM services … the whole inspection of everything that is coming through the pipe."
Opportunities may also exist for those reseller solution providers that can go in and identify threats that cyber-spies have left behind.
U.S. utilities will also need to establish security policies, says Klein, addressing issues such as whether employees should be allowed to access the Internet or use Web 2.0 applications.