For all concerned with creating a healthy and prosperous environment for a nation’s citizens, keeping the energy sector running consistently and efficiently is a priority. The UK’s National Cyber Security Council identified the energy sector as one of 13 critical national infrastructure sectors whose loss or compromise would have a debilitating effect on the country.
Maintaining site security while ensuring engineers can quickly access sites at short notice has to be a top priority. Yet, an over reliance on legacy systems and processes does not always make this simple. For example, it’s estimated that over a million households lost power in the aftermath of Storm Eunice. With teams scrambling to restore connections as quickly as possible the last thing engineers need is a long drive to collect the physical key at a facilitybefore they can assess or resolve the problem. The task of keeping track of who had access to what and when can also be a nightmare to manage.
These same practices are not robust enough to respond to the physical and cyber security challenges that face the industry today, so new solutions are being introduced to manage these issues under a single system.
How do you solve a problem like energy infrastructure?
Historically, a number of factors have made it difficult to ensure necessary physical security for the energy sector. Firstly, sites operate across huge areas of land, and organisations often do not have the full view of their operations, affecting response to security incidents. With infrastructure spread across large areas it also means that asset maintenance is likely to be outsourced to third parties, so the second problem is how regularly valuable equipment, often located in places that may be a security blind-spot, is entrusted with people that don’t leave an audit trail.
Physical locks are often used to secure these sites, but these offer no form of access control or digital record. Furthermore, knowing that the risk of cutting new keys is too high, the logistics of getting a master key for a maintenance job adds time and cost to every callout. Cybersecurity also presents an entirely new landscape of concerns for organisations, especially with the number of cyberattacks in recent years.
Overcoming these legacy problems requires organisations to modernise their security technology. That means developing a strategy that will meet their current and future needs while also improving operations, simplifying the compliance process, and increasing cybersecurity. Deploying a unified security system is an important step towards achieving this goal.
Securing critical infrastructure and improving operations
Blending IP security systems within a unified solution can help organisations improve their physical security and make their operations more efficient. There are a number of options available to security teams for each aspect of their jurisdiction. Considering perimeter security alone, implementing radar, LiDAR fence intrusion detection, and video analytics to detect activity approaching your fence line will directly impact response times withactionable, real-time information.
Where access to the perimeter needs to be granted, sites can use Automatic Number Plate Recognition to permit trusted vehicles to restricted areas. This will eliminate large portions of the time associated with verification and is particularly important for keeping security staff in the central control room and not at the front gate.
From the control room, an IP video management system working in tandem with an access control system gives teams the full view of their area and the ability to open doors remotely. This is particularly useful in the energy sector where many sites are unmanned, speeding up response times by removing the logistical challenge of collecting a physical key for a maintenance job. Including people counting technology in a video management system can also assist with incidents and evacuations by automatically sending reports to decision makers within an organisation.
Simplifying the compliance process
Aside from giving better visibility and control, using a unified security system makes a difference to how efficiently events are audited. In the event of a maintenance callout, a digital trail of data gives a clear timeline of who was on site, where they went and if the door was locked behind them. Securely collecting, managing and sharing digital evidence from investigations make it easy to meet the various requirements set by audit regulations.
A unified system also gives great control over cyber threats. In an industry that is getting ever more connected, vulnerable devices, such as a poorly configured camera or out of date firmware, can be exploited by cyber criminals looking for a gateway into and organisation’s data. Robust solutions are required to protect the digital space, and Genetec can deliver this without compromising security functions.
Author: Steve Green, Business Development Manager at Genetec
