Cyber-securing Digital Substations

As the roll-out of digital substations gains pace the cyber-physical security of these assets must become a more urgent priority. To ensure a robust defence-in-depth approach that will stand the test of time, engineering and security teams must work collaboratively and cooperatively, even in the midst of the most rapid threat landscape changes that the power grid has ever witnessed.

In this 60-min webinar, speakers from Accenture, Qirion, and OMICRON present their insights and experiences of implementing cost-effective defence-in-depth cyber-physical security solutions for digital substations. We address the evolving threat landscape and how it is likely to impact digital substation assets in the next 2-3 years, determine the optimal cyber-physical strategy to guard against immediate and longer-term threats, and evaluate the role of standards such as ISO 27001, IEC 62443, IEC 62351 among others, in ensuring a holistic approach to the security of next generation substations.

When engineering teams work hand-in-hand with their security colleagues to specify and implement advanced cyber-physical security for IT/OT converged substations, the power grid is protected from every conceivable threat on the horizon, in the most time and cost-efficient manner.

• Quantifying the digital substation attack surface and determining the threat vectors and bad actors that will pose the greatest risk

• Clarifying the vulnerabilities associated with IT/OT converged environments and ensuring engineering and security teams work together effectively to resolve these

• Leveraging standards such as ISO 27001, IEC 62443, IEC 62351 to ensure a holistic approach

Arkaitz is a Cyber Security Professional with more than 10 years of experience. The last 5 years have been oriented to Industrial and SCADA Cyber Security. He has a degree in Cyber Security and holds CISA and GICSP certification. His expertise ranges from technical to management issues. Arkaitz is also professor at U-TAD University.

• Identifying the greatest risks to the cyber-physical security of digital substation in the next 2-3 years

• Designing a defence-in-depth approach that will guard against known and unknown threats in the rapidly evolving digital substation space
• Overhauling the workforce recruitment strategy to minimise the risk of insider threat

Mike has a bachelor’s degree in electrical engineering from the University of Applied Science Windesheim and a master’s degree in business administration from the University of Nyenrode. He started his career at Qirion B.V. in 2015 and has since carried out a variety of roles including as a protection, automation and control engineer for the high voltage grid, moving on in 2019 to fulfil a role as security consultant. As security consultant Mike is part of the Qirion Privacy & Security Office and in direct contact with the Alliander CISO-Office. He is the advisor for the (cyber) security of high voltage operations within Qirion B.V. (800 people) and co-responsible for implementing IEC/ISO 27001 within the organisation.

• Understanding the cyber-physical security needs of legacy and new digital substations
• Evaluating how intrusion detection systems can help in OT-security processes to ensure rapid detection and speedy response to new threats
• Reviewing the security issues commonly found in security assessments of process bus and conventional substations

Andreas is managing the business area Power Utility Communication (PUC) at OMICRON. His fields of experience are in substation communication, SCADA, and power systems cyber security. He has published numerous conference papers and holds patents in these fields. As a member of the WG10 in TC57 of the IEC he is participating in the development of the IEC 61850 standard series.

Welcome to Cyber-securing Digitals Substations

Webinar Programme