Claroty And Vector Technology Solutions Deliver Roundtables Supporting Collaboration Across The NZ Energy Sector

AUCKLAND – 28 August 2023 – Claroty, the cyber-physical systems protection company, and partner Vector Technology Solutions Ltd (VTS), a digital solutions business and a subsidiary of New Zealand energy company Vector Ltd, recently hosted three roundtable discussions among top C-suite executives in New Zealand’s critical infrastructure sector, including PowerNet, Electra, Aurora Energy and Unison. Travelling to Wellington, Napier and Christchurch, the discussion focused on the current threat landscape, particularly in New Zealand’s Energy sector. The group also discussed potential changes to New Zealand’s resilience policy and regulatory landscape.

In 2021-2022, the New Zealand Cybersecurity Centre reported 350 incidents affecting nationally significant organisations, with a rise in attacks from state-sponsored actors since the previous year. New Zealand is unique amongst other Five Eyes nations in that our legislative environment for the cyber security of critical infrastructure entities is relatively under developed with voluntary guidelines and coordination across the sector playing a key role. Critical infrastructure providers – such as electricity distributors – should be continuing to evolve in the context of the changing threat landscape (including potential changes to legislative requirements).

Special guests on the panel included Vector's Chief Information Security Officer, Aaron McKeown, and Admiral Michael S. Rogers, a retired four-star admiral of the United States Navy who served as the second commander of the United States Cyber Command while also serving as the 17th director of the National Security Agency (NSA) and as chief of the Central Security Service (CSS).

The discussion revealed the pros and cons of new legislation and leveraged Admiral Rogers’ experience with US cyber policy to encourage smaller electricity distributors in New Zealand to start discussing their security posture collectively. The attendees agreed that a sector based approach in building a secure ecosystem was a critical mechanism to ensure the overall uplift of the cyber posture of the industry.

Key challenges facing NZ distribution businesses

• Cyber professionals within energy distribution businesses must continue to perfect the art of communicating risk and threats across all levels of the organisation – from boards to employees. This is critical to secure the necessary funding and resources CISOs need to improve their organisation’s cyber posture;
• CIO’s and CISO’s can’t drive cyber security alone, they need buy in from all levels of the organisation to ensure the human firewall is as strong as the OT/IT security;
• Third-party security poses a significant risk to energy distributors, given there are numerous partners and partner platforms in the energy supply chain;
• Ransomware remains one of the biggest risks to electricity distributors and other organisations globally.

Admiral Rogers said “Successful breaches into critical infrastructure are “not if but when”. Organisations know it’s only a matter of time before attackers get into their networks, but building overall resilience is the key to reducing the damage - specifically, techniques to stop attackers moving laterally throughout the network once inside.”

Aaron McKeown, Chief Information Security Officer at Vector, said “More collaboration is key to uplifting cyber security across the whole energy sector. While there are some structured forums such as Control Systems Security Information Exchange (CSSIE) that allow for the sharing of cyber-related information between organisations, informal roundtable discussions like these present an invaluable opportunity for industry leaders to exchange important ideas and insights on the complex cyber security landscape today.”

The roundtables delivered by Claroty and VTS encouraged valuable information sharing and best practice which will benefit the EDBs and cyber posture for the industry moving forward.

© Scoop Media