6533b833fe1ef96bd129c4eb

RESEARCH PRODUCT

Cyber security in the management of an electricity company

subject

description

The functioning of a modern society is based on the cooperation of several critical infrastructures, whose joint efficiency depends increasingly on a reliable national electric power system. Reliability is based on functional data transmission networks in the organizations that belong to the power system. Furthermore, reliability is linked to the usability, reliability and integrity of system data in the operating environment, whose cyber security risks are continuously augmented by threatening scenarios of the digital world. In Finland, the production of electricity is in various ways decentralized, which contributes to the reliability of the power system. Finland has about 120 enterprises that produce electricity and about 400 power plants, in which electricity is produced using various production methods. Power system process control is highly automated and networked. This report focuses on the procedures applied to cyber security management in the processes of electricity companies, whereby different standards will also be utilized. The major contributions of the article are that it integrates cyber security management and risk analysis into the process structures of individual electricity companies and that it utilizes the PDCA (Plan, Do, Check, Act) method in developing a company’s cyber security management practices. In order to put the measures into practice, the leadership of an electricity company must regard trust-enhancing measures related to cyber security as a strategic goal, maintain efficient processes and communicate their implementation with a policy that supports the strategy. nonPeerReviewed