What is the best approach to combating malicious threats?
Metering & Smart Energy International spoke to Massimo Rocca, head of information security at Enel Italy, to better understand the European cybersecurity landscape and how the global energy utility is gearing up to combat threats to data and infrastructure.
When asked how real is the cyber threat for European utilities, Mr Rocca said it is “concrete”. The challenge for an energy company, however, is to identify the intended effects of a cyberattack, he said. “We have huge background noise in the identification of cyber threats. Enel's global IT security infrastructure identifies more than 100,000 events a day.
"For this reason it is very complex to understand if a security event is a common incident or a deception made to hide another type of threat that is focused on our assets or people.”
Italy industrial “lab” for developing and testing solutions
Enel, a multinational electricity and gas operator present in 30 countries, isn't your average utility and is able to share experiences across its information security departments. The energy company has coordinated most of its global cyber security initiatives from Italy, which acts as an industrial “lab” for developing and testing solutions and policies that are rolled out in other countries.
Rocca said this is due to the way the utility has been targeted in Italy in the past five to 10 years, constituting a "remarkable scenario” in the European context. “We have faced many phases [regarding the sources of attacks] that we haven’t experienced in all the other countries and for this reason we started to work on ICS security more than five years ago, with a particular attention to Italy.”
On the subject of who is carrying out the malicious attacks, Rocca said Enel Italy is being targeted from many different audiences. “Organized cyber crime has been targeting us. From our analysis, we are quite sure that it happened in the past and is impossible to exclude that this is still happening.”