in Security

QinetiQ helps UK electricity sector prepare for cyber-attacks

Posted 5 December 2019 · Add Comment

QinetiQ (Lead Exercise Integrator), with strategic partner Inzpire, working in partnership with the National Cyber Security Centre (NCSC) and the Department for Business, Energy and Industrial Strategy (BEIS), has successfully completed the first ever series of UK sector-wide, cyber resilience exercises for the UKís Critical National Infrastructure (CNI) Electrical Distribution organisations.

Courtesy QinetiQ

Cyber-attacks on individuals, commercial organisations, CNI and Government departments are increasingly common and constantly evolving, impacting on reputation, safety and share price.  Whether it is due to hacktivists, cyber criminals or nation states, the cyber threat is one which the UK is trying to stay one step ahead of, in an environment without traditional boundaries and where the threat cannot always been seen and the impact is not immediately obvious.

Future generations of board level executives, operational managers and technical engineers must be equipped with the knowledge, skills and confidence in cyber capabilities to maximise the opportunities that cyberspace creates and ensure resilience against the potential threats.  Cyber Security needs to form part of ‘business as usual’ activities, requiring education, training, operational planning & preparation and consideration throughout a capability or service lifecycle.  Only then will an organisation be able to increase the awareness, skills and knowledge of operations within cyberspace and better understand how to plan and respond to threats, and to synchronise operations in both the physical space and cyber domains.

QinetiQ’s expertise, with over 20 years of experience in providing training, exercising and operational assurance, has been applied to the UK’s electricity sector in a first of its kind series of sector wide cyber resilience exercises.  Exercising increases the confidence of individuals, teams, organisations and sectors in their ability to identify, protect, detect, respond and recover in order to sustain operations in the event of cyber-attack.

QinetiQ as the Lead Exercise Integrator, working in partnership with BEIS, NCSC and strategic partner Inzpire, facilitated a series of exercises collectively known as “PowerPlay”.  PowerPlay was specially designed and executed to prepare and equip the electricity sector’s engineering, operational and executive teams with the knowledge, skills and confidence in their processes and technologies to maximise the opportunities that cyberspace creates whilst ensuring resilience against the cyber threat.

The three exercises, started with an operational / command & control focused exercise to understand the role of individual organisations and how communications and decisions are made within the context of a much larger, coordinated sector wide incident.  Following this was a live-exercise focused on the 3rd party supply chain (without knowledge that they were being exercised) to examine how they would analyse and fuse multiple cyber-incidents to create common situational awareness and coordinate incident response.  The exercise series culminated in a large, distributed exercise involving over 170 participants at 13 different locations across the UK and abroad.  A complex set of inter-connected events played out based on attacks varying from spearphishing to more specialist attacks on both IT and Operational Technology networks.

Dr Richard Randel, Principal System Engineer Cyber, Information and Training at QinetiQ said: “The exercise demonstrates how QinetiQ can work with Government partners and the CNI sector, bringing together our capabilities and experience, to increase the resilience of the UK and recognise the importance of exercising as a means to assure operations.“

John, Scottish and Southern Electricity Networks said: “We would like to thank the NCSC for the invitation and our subsequent involvement in the sector-wide cyber security test. The challenge and results from the scenario exercising has been invaluable in applying improvements to our emergency planning and resilience processes, along with recognising the importance of cross industry support and alignment during such events.”

A participant said: “It provided us with a greater awareness of the cyber threats within the sector and how all business functions need to work together to respond to a cyber-incident.”


* required field

Post a comment

Other Stories
Latest News

IBA forecasts strong headwinds for aviation in 2020

The global aviation marketplace will encounter a wide range of challenges in 2020, according to Leatherhead based independent aviation consultant IBA, which released its 2020 Market Update today.

Rethinking aerospace and defence data management

Graham McCall, Vice President Operations UK, Aras, tells us why the aerospace and defence sectors need to rethink their approach to data management.

IFS' cloud-based solution selected by EaglePicher

EaglePicher Technologies, a producer of batteries and energetic devices for aerospace and defence, has chosen IFS Applications as its central enterprise resource planning (ERP) system of record.

Titan Airways adds A321LRs to its fleet

London Stansted-based charter and airline sub-charter specialist, Titan Airways, is strengthening its fleet in 2020 with the introduction of two Airbus A321LRís.

European passenger traffic in November decelerates at +1.7%

European airport trade body ACI EUROPE today released its latest air traffic report for November 2019, measuring all commercial aviation air services from full service, regional, low cost and charter.

Met using innovative new motorbikes to curb moped crime

In order to continue tackling moped-enabled crime in London, officers from the Metís Operation Venice team are now using faster and lighter motorbikes to pursue thieves.

Rubb SK2911070220
See us at
S&P BT241019040320AMAS BT0312270220VIDSE BT1605060320FIL20BT010819260720