Most utility leaders today recognize that a cyber breach or system breakdown is inevitable. But rare is the executive who thinks such an event will lead to an organization-threatening crisis—until it does.
Too often, utilities are unprepared to address the many issues created when intruders gain access to critical systems and data. Given that utilities have come to understand that a cyber or physical breach is virtually inevitable, why do so many remain ill prepared to manage the resulting crisis?
Those who bring too little too late typically suffer from two significant shortcomings. Despite a growing realization that a cyber breach can pose serious, broad-based challenges, typical response efforts focus on fixing technical problems. They concentrate on finding and removing the intruders as quickly as possible, while ensuring that the lights remain on with as little disruption as possible.