in Security

QinetiQ helps UK electricity sector prepare for cyber-attacks

Posted 5 December 2019 · Add Comment

QinetiQ (Lead Exercise Integrator), with strategic partner Inzpire, working in partnership with the National Cyber Security Centre (NCSC) and the Department for Business, Energy and Industrial Strategy (BEIS), has successfully completed the first ever series of UK sector-wide, cyber resilience exercises for the UK’s Critical National Infrastructure (CNI) Electrical Distribution organisations.


Courtesy QinetiQ


Cyber-attacks on individuals, commercial organisations, CNI and Government departments are increasingly common and constantly evolving, impacting on reputation, safety and share price.  Whether it is due to hacktivists, cyber criminals or nation states, the cyber threat is one which the UK is trying to stay one step ahead of, in an environment without traditional boundaries and where the threat cannot always been seen and the impact is not immediately obvious.

Future generations of board level executives, operational managers and technical engineers must be equipped with the knowledge, skills and confidence in cyber capabilities to maximise the opportunities that cyberspace creates and ensure resilience against the potential threats.  Cyber Security needs to form part of ‘business as usual’ activities, requiring education, training, operational planning & preparation and consideration throughout a capability or service lifecycle.  Only then will an organisation be able to increase the awareness, skills and knowledge of operations within cyberspace and better understand how to plan and respond to threats, and to synchronise operations in both the physical space and cyber domains.

QinetiQ’s expertise, with over 20 years of experience in providing training, exercising and operational assurance, has been applied to the UK’s electricity sector in a first of its kind series of sector wide cyber resilience exercises.  Exercising increases the confidence of individuals, teams, organisations and sectors in their ability to identify, protect, detect, respond and recover in order to sustain operations in the event of cyber-attack.

QinetiQ as the Lead Exercise Integrator, working in partnership with BEIS, NCSC and strategic partner Inzpire, facilitated a series of exercises collectively known as “PowerPlay”.  PowerPlay was specially designed and executed to prepare and equip the electricity sector’s engineering, operational and executive teams with the knowledge, skills and confidence in their processes and technologies to maximise the opportunities that cyberspace creates whilst ensuring resilience against the cyber threat.

The three exercises, started with an operational / command & control focused exercise to understand the role of individual organisations and how communications and decisions are made within the context of a much larger, coordinated sector wide incident.  Following this was a live-exercise focused on the 3rd party supply chain (without knowledge that they were being exercised) to examine how they would analyse and fuse multiple cyber-incidents to create common situational awareness and coordinate incident response.  The exercise series culminated in a large, distributed exercise involving over 170 participants at 13 different locations across the UK and abroad.  A complex set of inter-connected events played out based on attacks varying from spearphishing to more specialist attacks on both IT and Operational Technology networks.

Dr Richard Randel, Principal System Engineer Cyber, Information and Training at QinetiQ said: “The exercise demonstrates how QinetiQ can work with Government partners and the CNI sector, bringing together our capabilities and experience, to increase the resilience of the UK and recognise the importance of exercising as a means to assure operations.“

John, Scottish and Southern Electricity Networks said: “We would like to thank the NCSC for the invitation and our subsequent involvement in the sector-wide cyber security test. The challenge and results from the scenario exercising has been invaluable in applying improvements to our emergency planning and resilience processes, along with recognising the importance of cross industry support and alignment during such events.”

A participant said: “It provided us with a greater awareness of the cyber threats within the sector and how all business functions need to work together to respond to a cyber-incident.”

 

* required field

Post a comment

Other Stories
Advertisement
Latest News

COVID-19 impact on RAF Display Teams in 2020

Noting the restrictions currently in place on the UK population during the effort to combat the spread of the Coronavirus (COVID-19), the Royal Air Force (RAF) has suspended all displays from its various teams and bands until further

ICAO stresses air transport's role in recovery from COVID-19 pandemic

ICAO’s Council President and Secretary General welcomed the G20 leaders’ statement on COVID-19, including its underscoring of how this unprecedented pandemic serves as “a powerful reminder of our interconnectedness and

IATA highlights airlines' cash crisis

The International Air Transport Association (IATA) has published new analysis showing that airlines may burn through $61 billion of their cash reserves during the second quarter ending 30 June 2020, while posting a quarterly net loss

Horizon Technologies secures new FlyingFish orders

Horizon Technologies has secured a £500+K order for an undisclosed quantity of FlyingFish SIGINT systems from a Sub-Saharan African country.

Self-help options open to cash strapped European airlines

Europe’s largest airlines have important self-help options open to them to help stave off the liquidity crisis brought on by the COVID-19 pandemic despite the spectre of mass bankruptcy hanging over the industry and calls for urgent

EDM installs Air Baltic’s A220 Extended Door Trainer

Manchester based provider of training simulators to the civil aviation and defence sectors, EDM, has completed a project for Air Baltic’s A220 Extended Door Trainer, which has been fully installed at their training facility in Riga,

IQPC SK0403300420
See us at
SMI favws BT0602040620DVD 20203CDSE BT2702150720