Last year, reports came out that cyberattacks on U.S. utility operators were on the rise, particularly driven by the threat of extremists. That analysis has proven accurate, as U.S. electric utilities have experienced an approximately 70% jump in cyberattacks in 2024 compared to last year. These attacks intentionally target critical infrastructure, creating the conditions for widespread danger to communities while also imposing costs on utilities challenged to keep up with hostile threat actors. This threat is so persistent that the National Renewable Energy Laboratory recently created a tool to help utilities assess the total potential costs of a cyberattack. Especially with a rise in distributed energy resources (DERs) and distributed energy resource management systems (DERMS), utilities face numerous potential vectors for attack. To celebrate Cybersecurity Awareness Month, let’s look at the intersection of cyberattacks and Grid-Edge DERMS for the best tips for mitigating these damaging attacks.
The DER Market & Grid-Edge DERMS
Analysts believe that the distributed energy resource market will nearly double by 2027. This increase in DER assets presents operational challenges through increased demand encumbrance while providing opportunities for load management. These assets are managed by distributed energy resource management systems (DERMS). There are two types of DERMS:
- Grid DERMS – This DERMS is used to aggregate utility-owned assets like solar or battery installations, and is usually found behind a firewall on-premises.
- Grid-Edge DERMS – By contrast, a Grid-Edge DERMS aggregates behind-the-meter DER assets found at the edge of the grid: in customer homes. This platform is often cloud-based, typically the work of a vendor.
For this article, we’re looking exclusively at the Grid-Edge DERMS necessary to manage the burgeoning amount of DER assets found behind the meter, from batteries or electric vehicles and EVSE chargers to smart home devices like thermostats or water heaters. These devices each represent a potential vector that a cyberattack could exploit. Fortunately, there are some valuable tools for mitigating these challenges. Let’s take a look at some of the most common.
What is a SOC 2 Type 2 Certification?
SOC 2 Type 2 certification is an audit process that assesses how an organization safeguards customer data and ensures the effectiveness of internal controls related to information security, availability, processing integrity, confidentiality, and privacy. It is part of the Service Organization Control (SOC) framework, developed by the American Institute of Certified Public Accountants (AICPA).
SOC 2 reports are dynamic, and designed to meet the needs of the targeted industry. You may see these reports as SOC 2 Type 1 or 2.
- SOC 2 Type 1 assesses the design of security processes and controls at a specific point in time.
- SOC 2 Type 2, on the other hand, evaluates the effectiveness of these controls over a defined period (typically 6 to 12 months).
The audit evaluates an organization’s controls based on one or more of the five Trust Service Criteria:
- Security: Protecting systems from unauthorized access.
- Availability: Ensuring systems are available for operation and use as agreed.
- Processing Integrity: Ensuring systems process data accurately and in a timely manner.
- Confidentiality: Protecting sensitive information.
- Privacy: Protecting personal information collected and processed by the system.
SOC 2 Type 2 certifications are especially critical for cloud service providers, software-as-a-service (SaaS) companies, and other organizations that handle customer data. These certifications demonstrate that the company has effective operational controls in place over an extended period, giving clients and partners confidence in data security and operational resilience.
The Importance of Data Encryption
The concept of coded language dates back millennia, with examples appearing throughout history. For example, during World War II, famed scientist Alan Turing used his machine (the antecedent to modern computing) to break Axis codes to help Allied troops. Today, computers are used to perform that same encryption, which has gained increasing importance in the information technology industry as a standard for data protection.
Put simply, data encryption helps ensure privacy while securing data from attackers. It has become a part of everyday life and often represents an early step in preventing cyberattacks. By ensuring data encryption, Grid-Edge DERMS vendors can minimize the potential for cyber incursions while fostering the trust in DERs necessary to realize valuable load flexibility initiatives.
Running Vulnerability Tests
As the title suggests, vulnerability testing is a strategy designed to probe for potential weak points that could lead to a data breach or cyberattack. For Grid-Edge DERMS providers, this is a critical step in ensuring not only that potential threats to utility providers or customers are minimized, but also that any possible gaps in security can be addressed. Ideally, vulnerability testing should be run as frequently as feasible, so that the data security posture of any organization keeps pace with the evolving ecosystem of potential threats or threat actors who may exploit changes or updates to their advantage.
Password Management
In all likelihood, if you’re reading this, you’re already involved in some degree of password management, whether that’s identifying the right password for your smart device or computer or for any number of online applications. Password managers offer a solution by providing enhanced security for keeping up with your passwords and more.
For Grid-Edge DERMS vendors, ensuring that passwords are strong and protected is crucial in minimizing the potential of any cyberattack, which is one reason many providers employ multifactor authentication in their password process. Multifactor authentication builds on the core security tenets of passwords by requiring secondary login factors like thumbprints or face scans, randomly generated codes, and more.
Routine Training on Evolving Security & Privacy Standards
The history of cyberattacks reveals a long pattern of threat agents constantly probing for potential cyber vulnerabilities. A recent report revealed that U.S. power grids are becoming increasingly vulnerable to cyberattacks. Grid-Edge DERMS providers should remain vigilant to the threat of these incursions through routine training and security exercises. Doing so can minimize the risk of evolving cyber threats while providing opportunities for internal growth. Ensure that your Grid-Edge DERMS provider is diligent both in training and maintaining a security posture to minimize new and incoming threats.
Cybersecurity & Grid-Edge DERMS Conclusion
Cyberattacks are no joke. Last year, there were more than 2,365 cyberattacks reported, affecting more than 343 million people worldwide. These attacks are becoming more prevalent, and increasingly directed at important infrastructure targets including electric utilities. For cyber attackers, this means creating widespread chaos, potentially for money or some other outcome, with data breaches costing an average of 4.88 million in 2024 alone.
With the U.S. grid in increased jeopardy of these incursions, as well as challenged by costly infrastructure upgrades, increasingly volatile weather patterns, and more, load management has never been more important. Grid-Edge DERMS is a critical tool in enhancing grid resiliency while defraying high peak costs, so make sure that your preferred vendor is prepared today for the cyber challenges of tomorrow.