critical infrastructure rss sort by issue

Issue 02/2020

Cyber security for critical infrastructure

Many power stations and industrial plants are not equipped to deal with a new generation of malware that targets industrial automation and control systems

Critical infrastructure, ranging from traffic lights to manufacturing plants and power stations, are coming under increasing attack as a new generation of malware specifically targets industrial automation and control systems (IACS). These systems include the supervisory control and data acquisition (SCADA) technology and human machine interfaces (HMI) that are at the very heart of the assets that keep modern society safe and functioning.

2019
Issue 06/2019

New standard to boost nuclear power installations’ cyber resilience

The scope and cost of cyber-malicious activities are increasing worldwide.

According to Cybersecurity Ventures' Cyber Crime Annual Report 2019, the annual cost of cyber crime for the global economy will double between 2015 and 2021 to reach USD 6 trillion by 2021. In addition to financial losses, attacks on critical infrastructure are of growing concern.

Issue 05/2019

Cyber security strategies for the energy sector: how to achieve resilience

A new IEC Technology Report identifies five critical concepts on cyber security and resilience for the smart energy sector

The IEC Systems Committee on Smart Energy has published a new Technology Report on best practices for protecting the electric grid against cyber attacks. Cyber security and resilience guidelines for the smart energy operational environment is the work of a group of top international experts brought together by the IEC Systems Committee on Smart Energy. Frances Cleveland, who leads the group, presented the report at the recent IEC General Meeting in Shanghai.

Issue 04/2019

Cyber security-by-design

Organizations should build cyber resilience from the beginning, rather than only looking at security after implementation

This year’s IEC General Meeting is taking place in China, a country with a long tradition of putting up buildings that can withstand earthquakes. Centuries ago the Chinese realized that the best way to protect cities in an active seismic area is to start thinking about safety and security during the design phase. A good example from more recent times is the world’s second tallest building, the Shanghai Tower. The 632-metre structure (2 073 ft) was designed with a reinforced foundation and a system of counterweights and shock absorbers to prevent excessive swaying during earthquakes and high winds.  

Issue 02/2019

Protecting critical infrastructure: the importance of making power grids secure-by-design

IEC 62351 standards for secure-by-design power systems communications

For the second year in a row the World Economic Forum has listed cyber attacks as one of the top five global risks, and highlights that an attack on a country’s electricity system could potentially have devastating effects. Power grid risk has increased due to expanded connectivity to IT and other systems, exposing them to more threats. As the same time, threat actors are focusing more on critical infrastructure attacks, and benefiting from the availability of malware toolsets on the internet.

2018
Issue 04/2018

Cyber security for supply chains: as strong as the weakest links

Supply chains vulnerabilities make them targets of choice for attacks

As up to 80% of cyber breaches may originate in supply chains, protecting these is an absolute priority for all organizations. Industrial and critical infrastructure assets are most at risk. The IEC has developed many Standards for these. It works also on conformity assessment (CA) and global certification schemes through Working Groups (WGs) set up by its Conformity Assessment Board (CAB) and by the Certification Management Committee (CMC) of IECEE, the IEC System for Conformity Assessment Schemes for Electrotechnical Equipment and Components. Both should help better protect supply chains.

Issue 04/2018

How to mitigate cyber threats

Latest publication in a critical series of cyber security International Standards

IEC Technical Committee (TC) 65: Industrial process measurement, control and automation, has recently published IEC 62443-4-1 on the life-cycle requirements for secure product development in industrial automation and control systems. The publication is the latest in the IEC 62443 series of Standards, a comprehensive set of guidelines that can be implemented in any professional environment, including those covering critical infrastructure, such as power plants or transport networks. These Standards are also increasingly used in the medical sector to protect patient data.

2017
Issue 07/2017

Helping thwart cyber threats on nuclear plants

Bespoke IEC International Standards reinforce protection against cyber attacks on nuclear power plants

Cyber attacks on civil nuclear power plants (NPPs) would have devastating consequences for a country relying, even in part, on nuclear energy. It could affect the entire power network, might cause the release of radioactive material and would have a highly adverse impact on public opinion. A Subcommittee (SC) of the IEC is developing International Standards that reinforce the cyber resilience of NPPs.