The cyber threat landscape for utility companies is continually evolving, with more complex attacks from nation-state actors and other sophisticated threat actors targeting essential infrastructure providers. According to a LinkedIn article, the top 5 cybersecurity threats in the utilities industry are:
- Supply Chain Attacks
- Incomplete Integration of Systems
- Ransomware and Incident Response
- Identity and Access Management (IAM) Inefficiencies
- Mobile Device Phishing
In 2024, cyberattacks on U.S. utilities increased by nearly 70% compared to the same period in 2023. Because utilities are key providers of critical national infrastructure, a cyber breach in the sector could lead to significant transport, banking, and communications disruptions. This could result in millions of people losing access to essential services such as power and water. With digitization expanding their vulnerability, utilities must recognize the risks they face and take steps to minimize them.
Cybersecurity concerns remain a top priority for utilities, driven by the interconnected nature of infrastructure and systems, increasing regulations, and a rise in the frequency and complexity of attacks. The necessity of connecting a growing number of citizens to essential utility services, combined with the collection of private consumer data through smart metering and smart home technologies, adds additional risks and may complicate the compliance process.
The Evolving Attack Surface for Utilities
The Internet of Things (IoT) has become a crucial factor in modernizing utility infrastructure. It enhances the efficiency of grids, maintenance, and asset management, leading to improved customer service for end users. However, IoT also exposes utilities to various new threats and vulnerabilities, particularly those associated with third-party applications.
A recent study found that an alarming 89% of respondents with IoT deployments have experienced an IoT-related breach, predominantly due to malware. Historically, operational technology (OT), including SCADA systems, smart substations, and distribution management systems, was isolated from external networks, making it less vulnerable to attacks.
As utility infrastructures become more interconnected, smart, and decentralized, a centralized approach to securing them is no longer sufficient. Security must also cover any applications that can create a threat vector.
Salesforce for the Utility Industry
Utility companies use a specific Salesforce product called “Energy & Utilities Cloud,” designed to meet the unique needs of the energy and utility industry. These companies leverage Salesforce to manage customer relationships and provide services, allowing customers to interact with the Salesforce platform indirectly through the utility company’s customer service channels and online portals. Moreover, utility companies often find themselves in emergency response situations due to trouble calls, extreme weather, and natural disasters. As a result, their Salesforce applications may need to be customized to address specific circumstances, requiring constant testing and security measures to ensure reliability.
PII and the Shared Responsibility Model
Utility companies handle a variety of Personally Identifiable Information (PII) related to their customers, making them frequent targets for cybercriminals. This sensitive information may include full names, street addresses, phone numbers, utility account numbers, credit card numbers, and payment details, such as bank account information. In some cases, it may also encompass other data such as Social Security numbers, Unified Business Identifier (UBI) numbers, driver’s license information, and passport details, as well as meter readings and electricity usage data that can be linked to third-party applications.
Like most cloud service providers (CSPs), Salesforce uses the shared responsibility model. Although some security features cover platform-specific functions, that coverage does not include custom code, protection of data such as PII, compliance requirements, and other critical components derived from customization. Organizations must go beyond reactive security and take a forward-looking approach to application security, with cyber resilience and compliance requirements built in.
Salesforce Energy & Utilities Cloud users may employ a vulnerability scanning tool, but many in the marketplace lack comprehensive and in-depth security scanning capabilities. As a result, they generate substantial numbers of false positives, massively straining scarce and valuable internal resources and potentially overlooking real vulnerabilities.
DigitSec is a comprehensive Salesforce code and config security scanning platform that is easy to use, delivers immediate value, and provides a positive business impact. DigitSec is an ideal solution for cybersecurity teams and developers to find security vulnerabilities, recommend corrective action before deployment, and enable faster delivery of secure applications. DigitSec is SOC 2 Type 2 compliant, following internal best practices of security controls, policies, and procedures.
To find out how utilities can find, correct, and mitigate risk in their Salesforce Energy & Utilities Cloud application development, visit us at www.digitsec.com or email us at sales@digitsec.com.